Fun story: originally, this whole construction cone thing was a student joke. VLC has been developed at a French university, which was under construction when the software was created. The students - possibly cheered up by a few drinks - had fun with some construction cones and ended up choosing it as their emblem.
tbh, we don't see this as a competition. Those guys (and gals) were there WAY before us, and they know their stuff. And there are many more people covering similar topics, too. We're humble enough to know that we stand on the shoulders of giants. Our feeling is that the subject is complex and fast-paced. With more reliable sources, people have better chances to find whats working best for them.
You're right. We've pondered this for quite some time, and if you check older commits you'll even see that we included Conversations at some point. We really like XMPP (and are also a bit nostalgic). In the end, we however decided to favour messengers which provide encryption out of the box, irrespective which client is used, and give XMPP an "honorable mention". If there is enough interest, or if people contribute, we can still cover the topic in future releases
Below a couple of ideas, some building on what has already been stated. It's all detailed here:
Feedback really welcomed, as there's always something to be learned in server security :)
--
General hardening:
SSH:
MySQL (if applicable):
Apache (if applicable):
PHP (if applicable):
Network security (sysctl):