Because very few apps are silos, we need to ensure that the backend is also secure using security best practices.
It goes without saying that if your backend servers are vulnerable, your entire system is also vulnerable. This includes your app, the data it processes, and your infrastructure (one vulnerable server can often serve as a foothold for an invading attacker).
Although we can't cover every scenario, we can give a few guidelines:
- Prevent `root` from logging in directly; require `sudo` from specific accounts in order to perform tasks requiring administrative privileges.
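
One way to check this guideline on a Linux host, as an added example that is not part of the original page. It assumes OpenSSH's `sshd_config` and a standard `sudoers` file; the sample configurations are constructed and the function names are hypothetical.

```python
import re

# Constructed sample configurations (not taken from any real host).
WEAK_SSHD = "Port 22\nPermitRootLogin yes\nPermitRootLogin no\n"
HARDENED_SSHD = "# hardened\nPermitRootLogin no\n"
WEAK_SUDOERS = "root ALL=(ALL:ALL) ALL\nALL ALL=(ALL) NOPASSWD: ALL\n"
HARDENED_SUDOERS = "Defaults env_reset\nroot ALL=(ALL:ALL) ALL\n%wheel ALL=(ALL:ALL) ALL\n"

def effective_root_login(sshd_text):
    """Return the global PermitRootLogin value as sshd would resolve it."""
    for raw in sshd_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        if key == "match":
            break  # Match blocks are conditional; only the global section is audited
        if key == "permitrootlogin" and len(parts) == 2:
            return parts[1].strip().lower()  # sshd keeps the FIRST value it reads
    return "prohibit-password"  # OpenSSH default when the keyword is absent

def broad_sudo_grants(sudoers_text):
    """Return user specifications whose user field is ALL (every account)."""
    flagged = []
    for raw in sudoers_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#@":
            continue  # comments and include directives
        first = line.split()[0]
        if first == "Defaults" or first.endswith("_Alias"):
            continue
        if first == "ALL":
            flagged.append(line)
    return flagged

def audit(sshd_text, sudoers_text):
    """Collect findings against the 'no direct root, sudo for specific accounts' rule."""
    findings = []
    value = effective_root_login(sshd_text)
    if value != "no":
        findings.append(f"PermitRootLogin is effectively '{value}', expected 'no'")
    for line in broad_sudo_grants(sudoers_text):
        findings.append(f"sudo granted to every account: {line}")
    return findings

if __name__ == "__main__":
    for finding in audit(WEAK_SSHD, WEAK_SUDOERS):
        print(finding)
```

In the weak sample the later `PermitRootLogin no` has no effect because the earlier `yes` is read first, which is the kind of drift a line-by-line review tends to miss.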