Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Configure Linux system time synchronization with chrony and NTP hardening
linuxSet up Node.js application security with Helmet and rate limiting
securityInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesRecently published
Configure logrotate with Elasticsearch and Kibana integration for automated log management
monitoringSetup log aggregation with rsyslog and logrotate for centralized system monitoring
linuxConfigure SSH key authentication and security hardening
securityConfigure PostgreSQL 17 SSL encryption and advanced security hardening
securityIntegrate ModSecurity 3 with SOAR platforms for automated incident response and threat detection
securityConfigure SSH key authentication and security hardening
Replace password authentication with SSH keys and implement comprehensive security hardening including fail2ban, audit logging, and access controls to protect your Linux servers from unauthorized access and brute force attacks.
Implement network security policies with iptables and firewalld for enterprise infrastructure protection
Configure enterprise-grade network security with iptables and firewalld, implementing zone-based policies, advanced rules, and comprehensive logging for production infrastructure protection.
Implement OpenLiteSpeed WAF and DDoS protection with ModSecurity 3 and rate limiting
Set up comprehensive web application security for OpenLiteSpeed with ModSecurity 3 web application firewall, OWASP Core Rule Set for threat protection, and advanced rate limiting to defend against DDoS attacks and malicious traffic.
Configure NGINX rate limiting and DDoS protection with advanced security rules
Set up NGINX rate limiting modules, implement connection limits, and configure geographic blocking to protect your web applications from DDoS attacks and abuse.
Configure advanced iptables firewall rules with logging, port knocking, and DDoS protection
Build a production-grade iptables firewall with connection tracking, rate limiting, and port knocking. Includes automated DDoS protection, detailed logging, and security hardening for enterprise environments.
Set up SSH bastion host with jump server configuration for secure network access
Configure an SSH bastion host to secure access to private networks, implementing jump server functionality with key-based authentication and access controls for enhanced security.
Configure shell aliases and functions for development productivity
Set up custom shell aliases and functions to streamline your development workflow, reduce typing, and boost terminal productivity with reusable commands and automation shortcuts.
Monitor Django applications with Prometheus and Grafana for comprehensive performance insights
Set up comprehensive Django application monitoring using Prometheus metrics collection and Grafana dashboards. Configure django-prometheus middleware to track request metrics, database queries, and application performance with real-time alerting.
Configure NGINX rate limiting and advanced security rules for DDoS protection
Configure NGINX with comprehensive rate limiting, connection throttling, and advanced security headers to protect your web applications from DDoS attacks and malicious traffic. Learn to implement zone-based rate limiting, geographic blocking, and real-time monitoring for production environments.
Set up OSSEC agent deployment and centralized management with automated configuration
Deploy and manage OSSEC Host-based Intrusion Detection System (HIDS) across multiple servers with centralized monitoring, automated agent configuration, and real-time security event processing for enterprise-scale infrastructure protection.
Configure Linux user and group management with sudo access control
Learn to create and manage Linux users and groups with proper sudo access control, security hardening, and monitoring. This comprehensive guide covers account creation, group membership management, sudo configuration, and security best practices for production environments.
Set up NGINX web application firewall with ModSecurity 3 and OWASP Core Rule Set
Configure a production-grade web application firewall using NGINX with ModSecurity 3 and OWASP Core Rule Set. Includes logging, monitoring, and fail2ban integration for comprehensive threat protection.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer