Is this CentOS 6.2 system reasonably secure as described?
This is a CentOS 6.2 system.
For my login with the hosting company website, I set a 20-character mixed
case, letters, numbers, symbols password and enabled two-factor
authentication.
In /etc/ssh/sshd_config I turned off remote root login and turned off
password-based login.
I'm running sshd, Apache, SSL, and MySQL on standard ports (although MySQL
should only be accessed from within the same host).
I plan to run yum update -y as a daily cron job. (Should I make it hourly?)
I ran this script to configure my firewall...
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -d 127.0.0.0/8 -j REJECT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -j REJECT
-A FORWARD -j REJECT
COMMIT
Are there any changes that anyone would recommend?
(I realize that any apps I deploy may have their own security issues such
as SQL injection or cross site scripting. For now, I'm just talking about
the bare setup so far.)
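
An added example, not part of the original post: a small audit that checks the setup described above, reading sshd_config with sshd's first-value-wins rule and walking the INPUT rules to confirm MySQL's port is not reachable. The SSHD sample is constructed, and the function names (sshd_effective, open_tcp_ports, audit) are hypothetical; only single --dport values are handled, not ranges or multiport.

```python
import re, shlex

# Constructed sample of the two sshd_config settings the post describes.
SSHD = "PermitRootLogin no\nPasswordAuthentication no\n"
# The post's ruleset (iptables-restore format), LOG rule on a single line.
RULES = '''*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -d 127.0.0.0/8 -j REJECT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -j REJECT
-A FORWARD -j REJECT
COMMIT'''

def sshd_effective(text):
    """Global sshd_config settings; sshd keeps the FIRST value seen per keyword."""
    seen = {}
    for raw in text.splitlines():
        m = re.match(r"\s*([A-Za-z]\w*)(?:\s*=\s*|\s+)(.*\S)", raw)
        if not m:
            continue  # blank line, comment, or keyword without a value
        if m.group(1).lower() == "match":
            break  # conditional Match blocks follow; only the global part is read
        seen.setdefault(m.group(1).lower(), m.group(2).strip('"').lower())
    return seen

def open_tcp_ports(rules):
    """TCP ports INPUT accepts before the first unconditional REJECT/DROP."""
    ports = set()
    for line in rules.splitlines():
        tok = shlex.split(line)  # keeps the quoted --log-prefix as one token
        if tok[:2] != ["-A", "INPUT"]:
            continue
        opt = lambda f: tok[tok.index(f) + 1] if f in tok else None
        if len(tok) == 4 and opt("-j") in ("REJECT", "DROP"):
            break  # catch-all deny: rules after it never match
        if opt("-j") == "ACCEPT" and opt("-p") == "tcp" and opt("--dport"):
            ports.add(opt("--dport"))
    return ports

def audit(sshd_text, rules):
    # An unset keyword yields False: it is not explicitly "no" in the file.
    cfg, ports = sshd_effective(sshd_text), open_tcp_ports(rules)
    return {"root_login_off": cfg.get("permitrootlogin") == "no",
            "password_auth_off": cfg.get("passwordauthentication") == "no",
            "mysql_closed": "3306" not in ports, "open_tcp": ports}
```

Calling audit(SSHD, RULES) reports ports 22, 80 and 443 as the only TCP ports open to new connections. This reads the rule file only; the loaded rules and the listening sockets on the host still need to be checked separately.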