9
Oct

Tight Up NFS

   Posted by: Vivek Khokhar   in Linux

Configure the /etc/exports file with the most restrictive access possible. This means not using wildcards, not allowing root write access, and mounting read-only wherever possible.
Edit the exports file (vi /etc/exports) and add one line per client, for example:
/dir/to/export host1.mydomain.com(ro,root_squash)
/dir/to/export host2.mydomain.com(ro,root_squash)
Where /dir/to/export is the directory you want to export and host1.mydomain.com is the machine allowed to mount this directory. The ro option mounts the directory read-only, and the root_squash option prevents root write access in this directory.
* root_squash - Maps the root user to the nobody user. This has the effect of not allowing a root user on a client to gain root file access permissions on the server.
* all_squash - Maps all the UIDs and GIDs to the nobody user. This is useful if the share is to have anonymous access, much like an anonymous FTP server.

For this change to take effect, run this command in your terminal:
# /usr/sbin/exportfs -a
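
The rules above can be checked mechanically before running exportfs. The following is an added example, not part of the original post: a small Python audit that flags wildcard hosts, rw, and no_root_squash in exports-style text. It assumes one export per line with no quoted paths or line continuations; the function name audit_exports and the sample entries other than the article's own are made up for illustration.

```python
import re

# Constructed sample /etc/exports; hosts and paths other than the article's
# /dir/to/export and host1/host2.mydomain.com are made up for illustration.
SAMPLE = """\
# recommended form from the article
/dir/to/export host1.mydomain.com(ro,root_squash)
/srv/scratch   *.mydomain.com(rw,no_root_squash)
/srv/home      host2.mydomain.com (rw)
/srv/pub       host3.mydomain.com(ro,all_squash)
"""

# One client entry: optional host, optional "(opt,opt,...)" glued to it.
ENTRY = re.compile(r"^([^\s(]*)(?:\(([^)]*)\))?$")

def audit_exports(text):
    """Return (line_no, path, client, issue) tuples for entries that use a
    wildcard, allow writes, or leave root unsquashed."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        path, *entries = line.split()
        for entry in entries:
            m = ENTRY.match(entry)
            if m is None:
                findings.append((line_no, path, entry, "unparseable entry"))
                continue
            host = m.group(1)
            opts = {o for o in (m.group(2) or "").split(",") if o}
            client = host or "<everyone>"
            if not host:
                # "host (rw)" with a space: the options apply to all clients.
                findings.append((line_no, path, client, "no host: exported to every client"))
            elif "*" in host or "?" in host:
                findings.append((line_no, path, client, "wildcard host"))
            if "rw" in opts:
                findings.append((line_no, path, client, "writable (rw)"))
            if "no_root_squash" in opts:
                findings.append((line_no, path, client, "root is not squashed"))
    return findings

if __name__ == "__main__":
    for line_no, path, client, issue in audit_exports(SAMPLE):
        print(f"line {line_no}: {path} -> {client}: {issue}")
```

The fourth sample line shows a common slip: a space between the host and its options exports the directory to every client with those options, while the named host gets only the defaults.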

This entry was posted on Monday, October 9th, 2006 at 3:17 am and is filed under Linux.