Blog

The Perfect Nginx Server – Ubuntu (22.04) Edition | Udemy

Source: The Perfect Nginx Server – Ubuntu (22.04) Edition | Udemy

The Absolute Beginners Course to Setting Up Multiple Fast WordPress Sites Using Nginx and Ubuntu 22.04

Created by
Last updated 11/2022

What you’ll learn

  • Setup, from scratch, a hardened and optimized VPS or dedicated server
  • Configure a hardened and optimized hosting environment using Nginx, MariaDB and PHP8.1
  • Harden WordPress the correct way – installing a security plugin doesn’t harden WordPress
  • Optimize WordPress from the server side – learn how to configure server-side caching, which is far superior to any caching plugin
  • Learn how to keep your server secure and your WordPress sites hardened from attack by implementing DDoS and brute force attack protection

Requirements

  • Students should be familiar using WordPress
  • Student should have a working knowledge of their local operating system, i.e. Windows, MACOS
  • No knowledge of Linux required, I will teach you everything from scratch
  • No knowledge of the command line is required, I will teach you everything from scratch
  • No knowledge server administration is required, I will teach you everything from scratch

Description

This course is based on the latest Ubuntu Server Long Term Support Release 22.04

This is a beginner’s course that assumes you have no knowledge configuring a Linux server, server administration or NGINX.

New to Linux or server administration? Included in the course, is an absolute beginners “crash” Linux course. This 1 hour “course within a course” will teach you the commands, terminology and procedures as it relates to this course.

This course is NGINX is a high-performance web server that is responsible for serving almost all of the most popular sites in the world.

We start with a blank slate and layer by layer configure the perfect nginx server.  I will teach you, step by step, to a point where you will have the skill, knowledge and confidence to host multiple hardened WordPress sites, on an unmanaged VPS or dedicated server, using nginx.

You will need no support from your host. You will be your own system administrator.

This course covers the entire spectrum of configuring an Ubuntu based NGINX server. We will cover everything from initial server configuration to hardening and optimizing the server distribution.

Some of the server optimization and hardening steps will include the following topics:

  • SSH Key authentication
  • Setting up both Uncomplicated Firewall and a “Cloud Firewall”
  • Brute force attack protection
  • SWAP
  • Harden Shared Memory
  • Harden and Optimize the Network Layer
  • Tuned and Congestion Control
  • File Access Times and setting the Open File Limits

Then we install, harden and optimize Nginx, MariaDB and php8.1.  Although the default installations of Nginx, MariaDB and PHP8.1 are fairly well hardened, we will spend over 1.5 hours hardening and optimizing Nginx, MariaDB and PHP8.1

Then we install our first WordPress site. We then start the process of hardening and optimizing WordPress. Installing a caching and security plugin does not optimize or harden a WordPress site. Some “security plugins” are a source of vulnerabilities themselves.

Almost 4 hours of the course is dedicated to hardening and optimizing WordPress. We look at hardening and optimizing WordPress from the server side and layer by layer we will harden our site.

Some of the hardening topics include:

  • Installing SSL certificates and configuring automatic renewal of those certificates.
  • Securing the http response headers
  • Setting the correct ownership and permissions on the WP files and directories
  • Using nginx directives to protect important parts of our site
  • Hot linking protection to stop other sites from stealing our bandwidth and driving up server costs
  • Nginx DDoS protection
  • Setting up a web application firewall

When it comes to optimizing WP, we will look at the process from both the server-side and the application (WordPress) side.

On the server-side we will cover the following:

  • optimizing the operating system – prior to optimizing WordPress
  • optimizing nginx – prior to optimizing WordPress
  • configuring php-fpm according to your server resources – prior to optimizing WordPress – set to low your site slows down, set to high and your server will crash
  • server-side caching – fastcgi caching is brilliant
  • replacing WP cron with a real cron

On the application or WordPress side you need to look at the following:

  • Caching plugin – W3 Total Cache
  • Optimizing images
  • Post revisions policy
  • Optimizing the database
  • Combining and minifying CSS and JS

Throughout the course, the principle of install only what’s needed, then harden and optimize is followed. The most important aspect of any server is security. I don’t just glance over this aspect, every configuration step you will take is geared towards security.  We will optimize the server, but not at the expense of lax security.

It’s impossible to list all the hardening and security layers we implement in this section, for a complete list please refer to the actual course curriculum.

By the end of this course, you will be ready to reap the benefits…

You’ll be able to add a new revenue stream and start earning additional income hosting your own sites using NGINX. There will be numerous new services you will be adding to your resume as a web developer. You will be able to charge for numerous new services – site hosting, site optimization, Let’s Encrypt SSL certificate installation and renewal, backups and even a monthly maintenance fee.

This course is not a lab experiment with no real-world application.

This course was not designed to be completed locally, on your pc or mac or using one of the many available “Virtual Machines”. Oracle’s VirtualBox is one example. The aim of the course is to instruct you on how to setup a secure/hardened hosting environment and then host multiple hardened WordPress sites on a commercially purchased VPS or dedicated server.

I want you to able to look at server logs and see how malicious users and bots are scanning your server, probing and looking for vulnerabilities. You need to be able to see the result of your hardening – banning, blocking, rate limiting – in your server logs. This cannot be done in a Virtual Machine.

All that’s left is for you to sign up for this course and start your wonderful journey as your very own systems administrator running multiple WordPress sites using the latest Ubuntu release and NGINX.

Who this course is for:

  • Anyone who wants to host WordPress sites using nginx
  • Anyone who wants to move from shared hosting to self-managed – VPS or DEDICATED SERVER hosting
  • Anyone who wants to upgrade from slow and oversubscribed shared web hosting servers to your own blazingly fast VPS or DEDICARED SERVERS
  • Frustrated with your current web hosts support, learn to do it yourself with this course, become your own sys admin, its easy!!!
  • Anyone who is looking for a new income stream, you can boost your income drastically, by offering additional services that this course will teach you

Course content

23 sections • 125 lectures • 15h 44m total length

  • Preview17:34

  • Introduction

    02:30

  • Distributions

    04:14

  • Terminal Emulator

    02:50

  • Terminal Window

    09:54

  • File System

    15:59

  • Users and Groups

    02:38

  • Ownership and Permissions

    18:00

  • Nano & Configuration Files.

    02:37

  • Server Fingerprint & SSH Key Authentication

    05:25

  • Bash Scripts, Cron Jobs & Section Conclusion

    08:13

  • Software

    11:51

  • Web Hosts and Servers

    17:26

  • First Login as ROOT – Part 1

    10:08

  • First Login as ROOT – Part 2

    11:00

  • Introduction

    01:06

  • Using SUDO

    03:35

  • SSH Key Authentication

    14:59

  • Config File

    07:37

  • Server Updates

    08:35

  • Firewall

    15:14

  • Fail2Ban

    16:33

  • Introduction and Setting the Server TimeZone

    05:08

  • SWAP

    10:15

  • Harden Shared Memory

    03:28

  • Harden and Optimize the Network Layer

    07:11

  • Tuned

    03:22

  • Congestion Control

    01:54

  • File Access Times

    03:47

  • Open File Limits

    06:22

  • Configuring the DNS

    04:14

  • Introduction, Repos and APT

    08:14

  • Installing NGINX, MARIADB and PHP8.1

    16:47

  • Configuring the Server to Send Mail without Plugins – Part 1

    15:25

  • Configuring the Server to Send Mail without Plugins – Part 2

    10:18

  • NGINX Configuration files – Part 1

    11:22

  • NGINX Configuration files – Part 2

    14:56

  • Introduction & the INCLUDE Directive

    04:32

  • The main nginx configuration file – nginx.conf – Part 1

    09:56

  • The main nginx configuration file – nginx.conf – Part 2

    08:59

  • Prevent and Fix the Too Many Open Files Issue

    03:33

  • Bash Aliases

    07:52

  • Harden MariaDB

    03:46

  • Optimize MariaDB – Part 1

    10:18

  • Optimize MariaDB – Part 2

    12:19

  • MySQLTuner

    03:47

  • Prevent and Fix the Too Many Open Files Issue

    04:05

  • Harden PHP 8.1

    06:54

  • Optimize PHP 8.1

    12:03

  • Prevent and Fix the Too Many Open Files Issue

    04:11

  • File and Directory Structure

    16:07

  • NGINX Server Blocks – Part 1

    06:53

  • NGINX Server Blocks – Part 2

    06:37

  • NGINX Server Blocks – Part 3

    08:57

  • NGINX Server Blocks – Part 4

    09:11

  • Database Administration

    08:44

  • Installing WordPress – Part 1

    11:25

  • Installing WordPress – Part 2

    11:37

  • Introduction

    00:56

  • SSL – Installing SSL Certificates

    08:04

  • SSL – NGINX HTTPS Configuration

    11:13

  • SSL – NGINX Secure Server Blocks

    13:40

  • SSL – HTTPS Everywhere

    02:24

  • SSL – Certbot Commands

    07:00

  • HTTP Response Headers

    10:37

  • Ownership & Permissions Part 1

    08:45

  • Ownership & Permissions Part 2

    07:36

  • Ownership & Permissions Part 3

    10:29

  • Using NGINX Directives to Harden Your WordPress Site

    05:27

  • Stop Brute Force Attacks Using Nginx

    09:03

  • Hot Linking Protection

    02:21

  • Nginx DDoS Protection

    09:27

  • Web Application Firewall

    05:15

  • Introduction to WordPress Optimization

    02:32

  • Server Side Optimization

    03:51

  • Application (WordPress) Side Optimization

    02:04

  • Caching WordPress

    11:21

  • Static & Dynamic WP Sites

    01:10

  • Implementing a Caching Policy – Introduction – Part 1

    03:27

  • Implementing a Caching Policy – FastCGI Caching – Part 2

    14:18

  • Implementing a Caching Policy – FastCGI Caching – Part 3

    12:42

  • Implementing a Caching Policy – FastCGI Caching – Part 4

    03:56

  • Implementing a Caching Policy – W3TC & Redis – Part 5

    17:49

  • Implementing a Caching Policy – W3TC & Redis – Part 6

    13:33

  • Configure & Optimize PHP-FPM – Part 1

    09:32

  • Configure & Optimize PHP-FPM – Part 2

    05:20

  • Cloudflare – Part 1

    06:42

  • Cloudflare – Part 2

    03:11

  • Cloudflare – Part 3

    06:48

  • Server Updates

    03:29

  • AV & Malware Scanning – Part 1

    11:04

  • AV & Malware Scanning – Part 2

    09:01

  • WordPress Updates

    07:20

  • Database Tuning

    04:28

  • phpMyAdmin – Part 1

    08:59

  • phpMyAdmin – Part 2

    08:29

  • phpMyAdmin – Part 3

    03:50

  • PHP-FPM Tuning

    00:43

  • Site & Server Monitoring

    02:55

  • Moving a WP Site

    08:19

  • WPCLI

    00:59

  • WordPress Site Backups

    00:51

  • WordPress Plugins

    01:31

  • sFTP – FileZilla

    07:09

  • Creating a Content Security Policy – Part 1

    10:22

  • Creating a Content Security Policy – Part 2

    06:30

  • Creating a Content Security Policy – Part 3

    04:05

  • Creating a Content Security Policy – Part 4

    08:25

  • Creating a Content Security Policy – Part 5

    01:46

  • Log Rotation Policy

    05:27

  • Nginx – Deny IP Access, Cleanup CONF Files and Setting the Backlog

    06:33

  • Nginx DDOS Protection – Final Configuration

    07:20

  • Introduction

    01:38

  • Hosting Additional Sites – Domain – Part 1

    09:23

  • Hosting Additional Sites – Domain – Part 2

    09:01

  • Hosting Additional Sites – Domain – Part 3

    02:08

  • Hosting Additional Sites – Domain – Part 4

    07:20

  • Hosting Additional Sites – Domain – Part 5

    08:04

  • Hosting Additional Sites – SubDomain – Part 1

    06:58

  • Hosting Additional Sites – SubDomain – Part 2

    08:46

  • Hosting Additional Sites – SubDomain – Part 3

    02:17

  • Hosting Additional Sites – SubDomain – Part 4

    08:23

  • Hosting Additional Sites – SubDomain – Part 5

    08:45

  • Hosting Additional Sites – SubDomain – Part 6

    06:51

  • Course Conclusion

    02:29

Instructor

Andrew Eaton
WordPress and Linux Guru
Andrew Eaton

  • 4.8 Instructor Rating
  • 1,248 Reviews
  • 6,093 Students
  • 6 Courses

I am Andrew Eaton. I’m former IT lecturer that specialized in programming, databases and systems analysis.

Part of my job involved breaking down and explaining complex technical detail to students. My policy was to try and use only technical detail if it was absolutely necessary to help the students understand the point. I’ve adopted the same style with my Udemy Courses, I’ll use clear concise English, trying to keep the technical terms to an absolute minimum.

My current full time job is administering my 100+ WordPress sites that are hosted on various servers around the world. All my sites are hosted on unmanaged virtual private servers or dedicated servers.

Leave a Reply

The maximum upload file size: 500 MB. You can upload: image, audio, video, document, spreadsheet, interactive, other. Links to YouTube, Facebook, Twitter and other services inserted in the comment text will be automatically embedded. Drop file here