To harden php-fpm a little,
you can enable the chroot options in the php-fpm pool configuration file;
www-php-fpm-pool-changes.conf has some basic settings to enable chroot.
Upload chroot.sh into your chroot directory
/home/user/public_html/
chroot will end up here ^----------------^ magento files will be down here
and execute it. It will then create all the needed folders and copy all the required files.
Chroot will probably break some of your extensions or other services, but
this can be easily fixed if you look into the error log.
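
When something breaks after enabling chroot, the error log usually points at a file that does not exist inside the jail. The following is an added example, not part of chroot.sh or the original files: a small audit that reports which commonly needed paths are missing under a chroot root. The path list and the function name audit_chroot are assumptions based on a typical Linux layout.

```shell
#!/bin/sh
# Added example: audit a php-fpm chroot for paths PHP code commonly needs.
# ASSUMPTION: this list reflects a typical Linux layout; it is not the
# list used by chroot.sh. Format: type:path-inside-chroot:symptom
# (d = directory, f = regular file, c = character device).
CHROOT_NEEDS='
d:tmp:sessions, uploads and temp files fail
c:dev/null:writes to /dev/null fail
c:dev/urandom:code that reads /dev/urandom directly fails
f:etc/resolv.conf:DNS lookups fail (curl, SMTP, API calls)
f:etc/hosts:localhost and static names do not resolve
d:usr/share/zoneinfo:system timezone data is unavailable
d:etc/ssl/certs:TLS verification cannot find CA certificates
'

# audit_chroot ROOT
# Prints one "MISSING /<path> (<symptom>)" line per gap.
# Returns 0 if nothing is missing, 1 if something is, 2 on a bad argument.
audit_chroot() {
    root=$1
    [ -d "$root" ] || { echo "not a directory: $root" >&2; return 2; }
    missing=0
    # A here-document keeps the loop in the current shell, so $missing
    # is still set after the loop ends (a pipe would lose it).
    while IFS=: read -r kind path why; do
        [ -n "$kind" ] || continue          # skip blank lines
        case $kind in
            d) [ -d "$root/$path" ] ;;
            c) [ -c "$root/$path" ] ;;
            f) [ -f "$root/$path" ] ;;
        esac || { echo "MISSING /$path ($why)"; missing=1; }
    done <<EOF
$CHROOT_NEEDS
EOF
    return $missing
}

# Run directly as: sh audit.sh /home/user
if [ "$#" -gt 0 ]; then
    audit_chroot "$1"
fi
```

Paths are printed as they appear from inside the chroot, so they can be compared directly with the paths in the php-fpm error log.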