inorder to implement security rules, first we know the types attacks & vulnerabilities of server, or linux kernel.
most common attacks are
#1 brute force attacks ddos (to take down the server)
#2 SQL injection (to gain access to database to steal valuable info like customer credit card details)
#3XSS cross site injection
sending post requests from their severs, to our database.
#4 application level vulnerabilities, kernel level etc.