Optimizing Nginx Config for Your Website or Blog

In this guide I will present my Nginx optimization tips for your website or blog. Nginx is a free, open-source, high-performance HTTP server and reverse proxy, best known for its performance, stability, rich feature set, simple configuration, and low resource consumption. My discussions here will be based on the actual…

Get Two Public IPs on an Amazon EC2 Instance for Free

In this quick tutorial I would like to share a method to get two public IP addresses on a single Amazon EC2 instance for FREE (i.e. without paying extra for that second IP). This is useful if you run multiple SSL sites on an instance, for example. The method…

Securing Your Server using IPset and Dynamic Blocklists

As a dedicated server or Virtual Private Server (VPS) owner, one of the important tasks is to defend against online attacks. IPTables allows a sysadmin to filter traffic by configuring the tables provided by the Linux kernel firewall. In this tutorial I will discuss how to use IP sets with…

IPTables GeoIP, Port Knocking and Port Scan Detection

Here's a quick tutorial on how to enable extra IPTables functionality such as "GeoIP", "Port Knocking" and "Port Scan Detection" with modules provided by xtables-addons. See the full list of available modules. Note 1: Works on dedicated servers as well as on any KVM or XEN VPS; does NOT work…

Check Your Server for Malware from SSH Attacks

Defending against SSH brute force attacks is a crucial task for any Dedicated Server or Virtual Private Server (VPS) owner. We all know that cleaning a compromised server is extremely difficult, and the best way out is always to fully wipe and reinstall, or restore from a clean backup. What…

Using SSHFS to Share Folders Between Your Servers

In this tutorial I will guide you through the steps to set up SSHFS for sharing folder(s) among your servers. We will use autossh which has the nice "automatic reconnect" capability. Also included are settings such as "chroot" and "SSH key restrictions" which will strengthen security. These instructions have…

IPsec/L2TP VPN Auto Setup for Ubuntu with Libreswan

In this guide I will present you with my script for automatically setting up IPsec/L2TP VPN on an Ubuntu 14.04 or 12.04 LTS server. We will be using Libreswan as the IPsec server, and xl2tpd as the L2TP provider. Introduction An IPSec/L2TP VPN encrypts your network…

Install Ghost 0.4.2 with Nginx and Naxsi on Ubuntu

Update: A new Ghost blog version 0.6 is out. To learn how to install this new version, see my other guide on Ghost w/ Nginx and ModSecurity. Ghost is an exciting and fast-growing blogging platform built upon the high-performing Node.js technology. It can be run behind Nginx with…