I was browsing the web for documentation on how to make GenieACS deployment secure and solid enough for it to run on a public IP address. I did not find any useful sources so I would appreciate a link or two /short list od tips from this community.
What I’m looking for includes but od not limited to:
Latest version of TLS configuration
Using nondefault ports on loopback interface for all nonpublic ports
Cpe authentication and authorization
Automatic blacklisting to prevent brute force attacks
Thanks in advance