Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Configure Linux system time synchronization with chrony and NTP hardening
linuxSet up Node.js application security with Helmet and rate limiting
securityInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesRecently published
Configure ModSecurity machine learning anomaly detection for automated threat protection
securityConfigure NGINX HTTP/2 server push and connection multiplexing
performanceConfigure NGINX SSL certificate automation with Certbot and renewal monitoring
hostingMonitor FastAPI applications with Prometheus and Grafana for production observability
monitoringConfigure logrotate with Elasticsearch and Kibana integration for automated log management
monitoringImplement network security with iptables connection tracking and stateful packet filtering
Configure iptables with connection tracking modules to implement stateful packet filtering, advanced NAT rules, and comprehensive network security monitoring. Build robust firewall rules that track connection states and provide granular control over network traffic.
Configure Apache rate limiting and DDoS protection with mod_security and mod_evasive
Set up comprehensive Apache protection against DDoS attacks and malicious traffic using mod_evasive for rate limiting, mod_security with OWASP rules for web application firewall capabilities, and fail2ban integration for automated IP blocking.
Install and configure Deno for web development with systemd and reverse proxy
Deploy production-ready Deno web applications with automatic process management using systemd and secure SSL termination through Nginx reverse proxy configuration.
Install and configure PHP 8.4 with Apache and security hardening
Set up PHP 8.4 with Apache web server using PHP-FPM for optimal performance and security. Learn to configure essential PHP modules, implement security hardening measures, and optimize your LAMP stack for production environments.
Configure Linux file permissions and access control with umask and chmod best practices
Learn how to configure secure Linux file permissions using chmod, set default permissions with umask, and implement proper access control to prevent security vulnerabilities while fixing permission denied errors.
Configure SSH key authentication and disable password login for secure server access
Set up SSH public key authentication on Linux servers and disable password-based logins to prevent brute force attacks and improve security. This tutorial covers key generation, server configuration, and troubleshooting common authentication issues.
Install and configure Jetty application server with SSL certificates and performance tuning
Deploy Eclipse Jetty application server with SSL/TLS encryption, systemd service management, and production-ready performance optimizations. Configure reverse proxy integration and security hardening for Java web applications.
Install and configure Cherokee web server with FastCGI and virtual hosts
Set up Cherokee web server with web-based administration, FastCGI support for PHP applications, SSL-enabled virtual hosts, and performance optimizations for lightweight web hosting environments.
Configure OSSEC HIDS for intrusion detection with email alerts and real-time monitoring
Set up OSSEC Host-based Intrusion Detection System with server-agent architecture, custom detection rules, email notifications, and real-time monitoring for comprehensive security monitoring across multiple systems.
Configure network load balancing with keepalived and VRRP for high availability failover
Set up keepalived with VRRP to create highly available network services with automatic failover. Configure virtual IP addresses that move between servers when one fails, ensuring zero-downtime load balancing.
Configure Linux firewall rules with fail2ban for SSH brute force protection and intrusion prevention
Set up fail2ban to automatically block SSH brute force attacks and protect your Linux server from unauthorized access attempts. Configure custom jails, firewall integration, and email notifications for comprehensive intrusion prevention.
Configure ModSecurity 3 web application firewall with OWASP Core Rule Set for advanced threat protection
Set up ModSecurity 3 with OWASP Core Rule Set 4.0 to protect web applications from SQL injection, XSS, and other attacks. Configure integration with Nginx and Apache, implement custom rules, and optimize performance for production environments.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer