Infrastructure tutorials
Production-grade guides for Linux, servers, security and performance. Copy-paste commands, multi-distro support, written by engineers who run this in production.
Browse by topic
Linux
System administration, shell scripting, package management
Hosting & Servers
Web servers, reverse proxies, SSL, domains
Security
Firewalls, hardening, encryption, access control
Performance
Caching, optimization, profiling, load testing
Databases
MySQL, PostgreSQL, Redis, backups, replication
Networking
DNS, load balancing, VPN, TCP/IP, routing
DevOps
CI/CD, Docker, Kubernetes, automation
Monitoring
Logging, alerting, metrics, observability
Most viewed
Configure Linux system time synchronization with chrony and NTP hardening
linuxInstall and configure Caddy web server with automatic HTTPS and reverse proxy
hostingInstall and configure Uvicorn ASGI server with systemd and reverse proxy for FastAPI applications
hostingSet up Node.js application security with Helmet and rate limiting
securityInstall and configure PostgreSQL 17 with performance tuning and security hardening
databasesRecently published
Configure Jetty clustering and session replication for high availability
hostingConfigure Cherokee web server with MySQL database optimization and performance tuning
hostingConfigure Cassandra SSL encryption and authentication with security hardening
databasesInstall and configure ntopng for comprehensive network monitoring with traffic analysis and real-time dashboards
networkingOptimize Cassandra data modeling and query performance with advanced tuning and monitoring
databasesConfigure OSSEC active response for automated threat blocking
Set up OSSEC active response to automatically block threats by configuring firewall rules, custom response scripts, and tuning response actions for real-time intrusion prevention.
Set up SSH bastion host with jump server configuration for secure network access
Configure an SSH bastion host to secure access to private networks, implementing jump server functionality with key-based authentication and access controls for enhanced security.
Configure Apache rate limiting and DDoS protection with mod_security and mod_evasive
Set up comprehensive Apache protection against DDoS attacks and malicious traffic using mod_evasive for rate limiting, mod_security with OWASP rules for web application firewall capabilities, and fail2ban integration for automated IP blocking.
Configure Linux file permissions and access control with umask and chmod best practices
Learn how to configure secure Linux file permissions using chmod, set default permissions with umask, and implement proper access control to prevent security vulnerabilities while fixing permission denied errors.
Configure network load balancing with keepalived and VRRP for high availability failover
Set up keepalived with VRRP to create highly available network services with automatic failover. Configure virtual IP addresses that move between servers when one fails, ensuring zero-downtime load balancing.
Configure Linux firewall rules with fail2ban for SSH brute force protection and intrusion prevention
Set up fail2ban to automatically block SSH brute force attacks and protect your Linux server from unauthorized access attempts. Configure custom jails, firewall integration, and email notifications for comprehensive intrusion prevention.
Install and configure Fail2ban with advanced rules and email alerts
Set up Fail2ban intrusion prevention system with custom SSH, web server, and application protection rules. Configure email notifications and advanced filtering to automatically block malicious IP addresses based on log patterns.
Need help?
Don't want to manage this yourself?
We handle infrastructure for businesses that depend on uptime. From initial setup to ongoing operations.
Talk to an engineer