Centos server lock down

I have a Centos Enterprise server and want the following: 1) Close all means of access via Cpanel, WMA, email and other services but Apache and Mysql. 2) Lock the server in a way that no one can reset the root pass when physically at the server with the grub loader or any other method. 3) Change any other user's password that could access the server 4) Make sure no one can extract information from the server using any physical means. 5) Change the root pass. At the end provide me a list changes to the server and way to restore access, or will hire again to restore access (when needed) Providers please bid as low as possible as my budget is very limited. These tasks can be performed by anyone that has implemented security hardening. I have this same posting on another freelancer site, and looking forward for a low cost-effective solution. Thank you