Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Configure Linux system time synchronization with chrony and NTP hardening
linuxInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingSet up Node.js application security with Helmet and rate limiting
securityInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesRecently published
Monitor ScyllaDB cluster with Prometheus and Grafana for comprehensive performance tracking
monitoringMonitor Jetty performance with JMX and Grafana dashboards
monitoringConfigure FRRouting route maps and prefix lists for advanced routing policies
networkingConfigure Jetty clustering and session replication for high availability
hostingConfigure Cherokee web server with MySQL database optimization and performance tuning
hostingConfigure SonarQube LDAP authentication and user management with Active Directory integration
Set up enterprise user authentication for SonarQube using LDAP and Active Directory. Configure group mapping, role-based access control, and automated user provisioning for centralized identity management.
Implement MinIO security hardening with IAM policies and audit logging
Secure your MinIO object storage with comprehensive IAM policies, role-based access control, and audit logging for compliance monitoring. This tutorial covers user management, policy creation, and security validation for production environments.
Configure Linux user and group management with sudo access control
Learn to create and manage Linux users and groups with proper sudo access control, security hardening, and monitoring. This comprehensive guide covers account creation, group membership management, sudo configuration, and security best practices for production environments.
Set up NGINX web application firewall with ModSecurity 3 and OWASP Core Rule Set
Configure a production-grade web application firewall using NGINX with ModSecurity 3 and OWASP Core Rule Set. Includes logging, monitoring, and fail2ban integration for comprehensive threat protection.
Implement network security with iptables connection tracking and stateful packet filtering
Configure iptables with connection tracking modules to implement stateful packet filtering, advanced NAT rules, and comprehensive network security monitoring. Build robust firewall rules that track connection states and provide granular control over network traffic.
Configure ClickHouse users and RBAC for production environments with authentication and access control
Secure your ClickHouse deployment with proper user authentication, role-based access control, and production-grade security policies. Learn to create users, manage roles, implement quota systems, and monitor access patterns for enterprise environments.
Implement PHP application monitoring with New Relic and logging
Set up comprehensive PHP application monitoring using New Relic APM with custom metrics and error tracking. Configure structured logging with centralized collection and automated monitoring alerts.
Implement Apache web application firewall with ModSecurity 3 and OWASP Core Rule Set
Deploy ModSecurity 3 as an Apache module with OWASP Core Rule Set to protect web applications from common attacks. Configure real-time logging, custom rules, and automated threat detection for production environments.
Set up Kibana alerting and monitoring with Elasticsearch Watcher for automated threat detection
Configure Kibana alerting rules and Elasticsearch Watcher to automatically detect security threats and send notifications via email or Slack. Set up monitoring dashboards with automated responses for production security monitoring.
Implement HAProxy rate limiting and DDoS protection with advanced security rules
Configure HAProxy with comprehensive rate limiting, connection throttling, and DDoS protection using stick tables, ACLs, and advanced security rules to protect your applications from malicious traffic and ensure service availability.
Configure advanced iptables rules for bridge network security and container isolation
Implement comprehensive bridge network security using advanced iptables rules to isolate containers, control traffic flow, and prevent lateral movement in virtualized environments.
Implement Istio security policies with authorization and authentication for Kubernetes service mesh
Configure Istio service mesh security with mTLS authentication, JWT validation, and RBAC authorization policies. This tutorial covers implementing comprehensive security controls for microservices communication in production Kubernetes environments.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer