
In this section we are going to look at various introductory topics that relate to this course. It's important that you complete this section of the course as I cover some important topics and how they relate to the course.
In this lecture I'm going to introduce you to the essential Linux skills you need to complete this course successfully.
This is the new 2024 Linux Essential Skills mini - crash - course that I include with all my courses.
If you are new to Linux, it's very important that you take your time and work your way through this lecture. You must use this section to familiarize yourself with the commands and the various aspects of Linux in relation to this course. All of the topics are important, don't skip any of the topics in this lecture.
If you are familiar with Linux and have used the command line to before, then please feel free to skip this lecture.
This is the first Essential Skills Lecture
In this lecture I'm going to introduce you to the essential Linux skills you need to complete this course successfully.
This is the new 2024 Linux Essential Skills mini - crash - course that I include with all my courses.
If you are new to Linux, it's very important that you take your time and work your way through this lecture. You must use this section to familiarize yourself with the commands and the various aspects of Linux in relation to this course. All of the topics are important, don't skip any of the topics in this lecture.
If you are familiar with Linux and have used the command line to before, then please feel free to skip this lecture.
This is the second Essential Skills Lecture
In this lecture I'm going to introduce you to the essential Linux skills you need to complete this course successfully.
This is the new 2024 Linux Essential Skills mini - crash - course that I include with all my courses.
If you are new to Linux, it's very important that you take your time and work your way through this lecture. You must use this section to familiarize yourself with the commands and the various aspects of Linux in relation to this course. All of the topics are important, don't skip any of the topics in this lecture.
If you are familiar with Linux and have used the command line to before, then please feel free to skip this lecture.
This is the third Essential Skills Lecture
In this lecture I'm going to introduce you to the essential Linux skills you need to complete this course successfully.
This is the new 2024 Linux Essential Skills mini - crash - course that I include with all my courses.
If you are new to Linux, it's very important that you take your time and work your way through this lecture. You must use this section to familiarize yourself with the commands and the various aspects of Linux in relation to this course. All of the topics are important, don't skip any of the topics in this lecture.
If you are familiar with Linux and have used the command line to before, then please feel free to skip this lecture.
This is the fourth Essential Skills Lecture
In this lecture we are going to look at the software you require to complete the course successfully. All the software used in this course and this includes any WordPress themes or plugins is free and or open source. You will not be required to purchase any software.
In this section we look at web hosts, server specifications for different types of WordPress sites. We are also going to create a server instance for the course.
Server hardening begins by changing the root user's password, creating a new non-root user, granting it root privileges, and then disabling root login for improved security. This is the first lecture of the initial hardening process.
Server hardening begins by changing the root user's password, creating a new non-root user, granting it root privileges, and then disabling root login for improved security. This is the second lecture of the initial hardening process.
As the non-root user, the process continues by enabling SSH key authentication to replace password-based logins, simplifying access with an SSH config file. Regularly updating server packages ensures security patches are applied, while implementing firewall policies locks down unused ports and services. Finally, installing Fail2ban helps protect against brute-force attacks by monitoring and banning suspicious login attempts. This is the first lecture of the hardening process as the non-root user.
As the non-root user, the process continues by enabling SSH key authentication to replace password-based logins, simplifying access with an SSH config file. Regularly updating server packages ensures security patches are applied, while implementing firewall policies locks down unused ports and services. Finally, installing Fail2ban helps protect against brute-force attacks by monitoring and banning suspicious login attempts. This is the second lecture of the hardening process as the non-root user.
As the non-root user, the process continues by enabling SSH key authentication to replace password-based logins, simplifying access with an SSH config file. Regularly updating server packages ensures security patches are applied, while implementing firewall policies locks down unused ports and services. Finally, installing Fail2ban helps protect against brute-force attacks by monitoring and banning suspicious login attempts. This is the third lecture of the hardening process as the non-root user.
As the non-root user, the process continues by enabling SSH key authentication to replace password-based logins, simplifying access with an SSH config file. Regularly updating server packages ensures security patches are applied, while implementing firewall policies locks down unused ports and services. Finally, installing Fail2ban helps protect against brute-force attacks by monitoring and banning suspicious login attempts. This is the fourth lecture of the hardening process as the non-root user.
Advanced server hardening involves several key optimizations and security measures. First, set the server's timezone to your local time. To prevent crashes due to memory exhaustion, configure SWAP to use SSD space as virtual memory. Secure the shared memory space to prevent exploitation and disable IPv6 by modifying the grub configuration. Harden and optimize the TCP/IP stack, and switch congestion control to BBR (Bottleneck Bandwidth and Round-trip Time) to boost throughput and reduce latency. For performance improvements, disable filesystem tracking of file access times and increase the maximum number of open files per process to allow for more concurrent connections. This is the first lecture of the section dealing with hardening and optimizing the server distro.
Advanced server hardening involves several key optimizations and security measures. First, set the server's timezone to your local time. To prevent crashes due to memory exhaustion, configure SWAP to use SSD space as virtual memory. Secure the shared memory space to prevent exploitation and disable IPv6 by modifying the grub configuration. Harden and optimize the TCP/IP stack, and switch congestion control to BBR (Bottleneck Bandwidth and Round-trip Time) to boost throughput and reduce latency. For performance improvements, disable filesystem tracking of file access times and increase the maximum number of open files per process to allow for more concurrent connections. This is the second lecture of the section dealing with hardening and optimizing the server distro.
Advanced server hardening involves several key optimizations and security measures. First, set the server's timezone to your local time. To prevent crashes due to memory exhaustion, configure SWAP to use SSD space as virtual memory. Secure the shared memory space to prevent exploitation and disable IPv6 by modifying the grub configuration. Harden and optimize the TCP/IP stack, and switch congestion control to BBR (Bottleneck Bandwidth and Round-trip Time) to boost throughput and reduce latency. For performance improvements, disable filesystem tracking of file access times and increase the maximum number of open files per process to allow for more concurrent connections. This is the third lecture of the section dealing with hardening and optimizing the server distro.
In this section we are going to look at how you point a domain name to your server using Cloudflare.
In this section of the course, we are going to look at official and unofficial repositories, the package manager and we are going to install the hosting stack. The hosting stack consists of nginx, MariaDB and php 8.3.
Nginx is the web server, MariaDB the database management system and php is the server-side scripting language that is responsible for generating the dynamic WordPress page content.
In this section we are going to configure the server to send mail using php. This will enable a SMTP service on your WP site and allow your sites to send mail without using any plugins.
We are also going to look at the easiest method to create a mail@your_domain email account.
Before we start configuring nginx, we need to look at the layout of a nginx configuration file as well as definitions that relate to nginx. This section is important as it teaches you how to read and understand a nginx configuration file.
Welcome to The Perfect Nginx Server course, based on the latest Ubuntu Server Long Term Support release (24.04).
This beginner-friendly course assumes no prior experience with Linux server configuration, system administration or Nginx. Whether you’re new to Linux or managing servers, this course will teach you from the ground up.
New to Linux or server administration? Included in the course, is an absolute beginners "crash" Linux course. This 1.5 hour "course within a course" will teach you the commands, terminology and procedures as it relates to this course.
Nginx is one of the most popular and powerful web servers in the world, known for its speed and performance. In this course, we start with a blank server and gradually build it up to a fully optimized Nginx server capable of hosting multiple hardened WordPress sites on a VPS or dedicated server.
What You Will Learn:
How to configure and secure your server without relying on hosting provider support—you'll become your own system administrator.
From initial setup to optimization, this course covers the entire process of configuring an Ubuntu-based Nginx server.
You’ll learn to:
Optimize and Harden Your Server: Implement SSH Key authentication, set up firewalls (UFW and cloud firewalls), and protect your server from brute force attacks.
Tuning the Server: Optimize the network layer, adjust swap and shared memory, fine-tune Nginx and MariaDB settings, and control file access and limits.
Hardening Nginx, MariaDB, and PHP 8.3: Spend almost 2 hours configuring these core services to be both optimized and secure, preparing your server for real-world challenges.
Deploy Hardened WordPress Sites: Install, harden, and optimize WordPress sites, going beyond superficial security plugins. Learn to secure your files, protect sensitive areas, and stop hotlinking, DDoS attacks, and more.
New 24.04 Course Additions Based on Student Requests:
PHPPools: Efficiently manage multiple PHP pools for various WordPress sites.
OpenBaseDir: Secure PHP by limiting file access to specific directories.
DisallowFileMods: Prevent unauthorized modifications to WordPress core files and plugins.
Database Privileges: Fine-tune database user privileges for enhanced security.
WP REST API: Manage and secure the WordPress REST API for optimized site performance.
Free Wildcard SSL Certificates: Installation, A+ rating configuration and automatic renewal
Throughout the course, we’ll follow the key principle of only installing what’s necessary, then harden and optimize that component for security and performance. Security is paramount, every step you take will be focused on protecting your server and WordPress sites.
This course has real world application, you’ll gain hands-on experience setting up a secure hosting environment on a VPS or dedicated server, not on a local virtual machine. You'll learn to monitor server logs and observe how your configurations fend off bots and malicious users.
By the end of This course, you will be able to:
Host multiple fast, secure WordPress sites on your own server
Add a new income stream by offering site hosting, optimization, SSL certificate management, and more to clients
Confidently manage your server without relying on external support
Gain practical, real-world experience applicable to any server environment
Designed for anyone eager to take control of their hosting, this course empowers you to step into the role of a systems administrator. By the end, you’ll be ready to manage your own WordPress sites on Nginx, using the latest Ubuntu release.
Sign up today and begin your journey to mastering server management!