What is the best way to secure database server?
> Sanitize all your inputs?
I am not sure I understand what you mean…
via ufw, iptables, and SELinux
Should I close port 80 on it?
Ensure that all connections to the database server require a password (or some other secure credential, NOT just a username and an IP address). Also make sure that each application/user has their own username, and that they only have access to the stuff they need. (If a program runs only SELECT queries on one database, just give it SELECT privileges to that database, and no access to other databases.)
Also, read about, and understand how to recognize and avoid,
SQL Injection Vulnerabilities
$offset = $argv; // beware, no input validation! $query = "SELECT id, name FROM products ORDER BY name LIMIT 20 OFFSET $offset;"; $result = pg_query($conn, $query);
(example borrowed from