
- Use rate-limiting with iptables to break the web scanning that helped the attacker find the vulnerable web pages.
- Use ModSecurity, a free web application firewall, to catch and break the SQL injection attack.
- Use AppArmor to contain the attacker once he compromises the web application.
- Use a best practices iptables egress rule set to break the attacker’s reverse shell.