...
- do we still need to close port 8080 or has that been done in ec2 scripts? - done via console
- create virtual hosts stanza for 443
- generate self-signed cert
- set up log rotation - done via ansible for tomcat, solr. needs to be checked on after running for a bit. needs to be done for application logs.
- with nginx I ran into a max body upload size issue – is that a thing with apache or you've never seen a problem like that? - yes but it's like, she thinks 3G.
- monitoring:
website availability
- services
for security
user account creation
CPU / Memory monitoring can help identify security breaches, as well
Keep an eye on AWS; if we start seeing boxes we didn't create spin up there's a problem
- testing ansible – put in some asserts? http://docs.ansible.com/test_strategies.html
...