Security - Ubuntu [LINUX] and others

Here is few of my personal tips from my experience.

#1 Fail2ban for blocking brute force attacks
#2 APF (Advanced Policy Firewall) to automatically blacklist malicious IPs, and fully utilize IPTABLES (firewall).
#3 NAXSI (NGINX) or Mod_Security (Apache2) for WAF (Web Application Firewall) to prevent MySQL injections, and other malicious attacks (cross site scripting, backdoor uploading, etc..)
#4 sysctl tweaks to prevent spoof or other minor (D)Dos attacks.
#5 Use Incapsula (NOT CloudFlare or Blazingfast) for additional security for websites.

The reason why I've mentioned not to use CF or BF is because their performance may be the top-notch, but their security system aren't. Not to mention, their uptime isn't very satisfying, either. If you are curious or need an evidence for that claim, simply Google. Feel free to criticize / correct me if I am mistaken.