The Perfect Nginx Server - Ubuntu (22.04) Edition

Description

This course is based on the latest Ubuntu Server Long Term Support Release 22.04

This is a beginner's course that assumes you have no knowledge configuring a Linux server, server administration or NGINX.

New to Linux or server administration? Included in the course, is an absolute beginners "crash" Linux course. This 1 hour "course within a course" will teach you the commands, terminology and procedures as it relates to this course.

This course is NGINX is a high-performance web server that is responsible for serving almost all of the most popular sites in the world.

We start with a blank slate and layer by layer configure the perfect nginx server.  I will teach you, step by step, to a point where you will have the skill, knowledge and confidence to host multiple hardened WordPress sites, on an unmanaged VPS or dedicated server, using nginx.

You will need no support from your host. You will be your own system administrator.

This course covers the entire spectrum of configuring an Ubuntu based NGINX server. We will cover everything from initial server configuration to hardening and optimizing the server distribution.

Some of the server optimization and hardening steps will include the following topics:

• SSH Key authentication

• Setting up both Uncomplicated Firewall and a "Cloud Firewall"

• Brute force attack protection

• SWAP

• Harden Shared Memory

• Harden and Optimize the Network Layer

• Tuned and Congestion Control

• File Access Times and setting the Open File Limits

Then we install, harden and optimize Nginx, MariaDB and php8.1.  Although the default installations of Nginx, MariaDB and PHP8.1 are fairly well hardened, we will spend over 1.5 hours hardening and optimizing Nginx, MariaDB and PHP8.1

Then we install our first WordPress site. We then start the process of hardening and optimizing WordPress. Installing a caching and security plugin does not optimize or harden a WordPress site. Some "security plugins" are a source of vulnerabilities themselves.

Almost 4 hours of the course is dedicated to hardening and optimizing WordPress. We look at hardening and optimizing WordPress from the server side and layer by layer we will harden our site.

Some of the hardening topics include:

• Installing SSL certificates and configuring automatic renewal of those certificates.

• Securing the http response headers

• Setting the correct ownership and permissions on the WP files and directories

• Using nginx directives to protect important parts of our site

• Hot linking protection to stop other sites from stealing our bandwidth and driving up server costs

• Nginx DDoS protection

• Setting up a web application firewall

When it comes to optimizing WP, we will look at the process from both the server-side and the application (WordPress) side.

On the server-side we will cover the following:

• optimizing the operating system - prior to optimizing WordPress

• optimizing nginx - prior to optimizing WordPress

• configuring php-fpm according to your server resources - prior to optimizing WordPress - set to low your site slows down, set to high and your server will crash

• server-side caching - fastcgi caching is brilliant

• replacing WP cron with a real cron

On the application or WordPress side you need to look at the following:

• Caching plugin - W3 Total Cache

• Optimizing images

• Post revisions policy

• Optimizing the database

• Combining and minifying CSS and JS

Throughout the course, the principle of install only what's needed, then harden and optimize is followed. The most important aspect of any server is security. I don't just glance over this aspect, every configuration step you will take is geared towards security.  We will optimize the server, but not at the expense of lax security.

It's impossible to list all the hardening and security layers we implement in this section, for a complete list please refer to the actual course curriculum.

By the end of this course, you will be ready to reap the benefits...

You'll be able to add a new revenue stream and start earning additional income hosting your own sites using NGINX. There will be numerous new services you will be adding to your resume as a web developer. You will be able to charge for numerous new services - site hosting, site optimization, Let's Encrypt SSL certificate installation and renewal, backups and even a monthly maintenance fee.

This course is not a lab experiment with no real-world application.

This course was not designed to be completed locally, on your pc or mac or using one of the many available "Virtual Machines". Oracle's VirtualBox is one example. The aim of the course is to instruct you on how to setup a secure/hardened hosting environment and then host multiple hardened WordPress sites on a commercially purchased VPS or dedicated server.

I want you to able to look at server logs and see how malicious users and bots are scanning your server, probing and looking for vulnerabilities. You need to be able to see the result of your hardening - banning, blocking, rate limiting - in your server logs. This cannot be done in a Virtual Machine.

All that's left is for you to sign up for this course and start your wonderful journey as your very own systems administrator running multiple WordPress sites using the latest Ubuntu release and NGINX.

Who this course is for:

• Anyone who wants to host WordPress sites using nginx
• Anyone who wants to move from shared hosting to self-managed - VPS or DEDICATED SERVER hosting
• Anyone who wants to upgrade from slow and oversubscribed shared web hosting servers to your own blazingly fast VPS or DEDICARED SERVERS
• Frustrated with your current web hosts support, learn to do it yourself with this course, become your own sys admin, its easy!!!
• Anyone who is looking for a new income stream, you can boost your income drastically, by offering additional services that this course will teach you