What you'll learn:
- Setup, from scratch, a hardened and optimized VPS or dedicated server
- Configure a hardened and optimized hosting environment using Nginx, MariaDB and PHP8.1
- Harden WordPress the correct way - installing a security plugin doesn't harden WordPress
- Optimize WordPress from the server side - learn how to configure server-side caching, which is far superior to any caching plugin
- Learn how to keep your server secure and your WordPress sites hardened from attack by implementing DDoS and brute force attack protection
This course is based on the latest Ubuntu Server Long Term Support Release 22.04
This is a beginner's course that assumes you have no knowledge configuring a Linux server, server administration or NGINX.
New to Linux or server administration? Included in the course, is an absolute beginners "crash" Linux course. This 1 hour "course within a course" will teach you the commands, terminology and procedures as it relates to this course.
This course is NGINX is a high-performance web server that is responsible for serving almost all of the most popular sites in the world.
We start with a blank slate and layer by layer configure the perfect nginx server. I will teach you, step by step, to a point where you will have the skill, knowledge and confidence to host multiple hardened WordPress sites, on an unmanaged VPS or dedicated server, using nginx.
You will need no support from your host. You will be your own system administrator.
This course covers the entire spectrum of configuring an Ubuntu based NGINX server. We will cover everything from initial server configuration to hardening and optimizing the server distribution.
Some of the server optimization and hardening steps will include the following topics:
SSH Key authentication
Setting up both Uncomplicated Firewall and a "Cloud Firewall"
Brute force attack protection
SWAP
Harden Shared Memory
Harden and Optimize the Network Layer
Tuned and Congestion Control
File Access Times and setting the Open File Limits
Then we install, harden and optimize Nginx, MariaDB and php8.1. Although the default installations of Nginx, MariaDB and PHP8.1 are fairly well hardened, we will spend over 1.5 hours hardening and optimizing Nginx, MariaDB and PHP8.1
Then we install our first WordPress site. We then start the process of hardening and optimizing WordPress. Installing a caching and security plugin does not optimize or harden a WordPress site. Some "security plugins" are a source of vulnerabilities themselves.
Almost 4 hours of the course is dedicated to hardening and optimizing WordPress. We look at hardening and optimizing WordPress from the server side and layer by layer we will harden our site.
Some of the hardening topics include:
Installing SSL certificates and configuring automatic renewal of those certificates.
Securing the http response headers
Setting the correct ownership and permissions on the WP files and directories
Using nginx directives to protect important parts of our site
Hot linking protection to stop other sites from stealing our bandwidth and driving up server costs
Nginx DDoS protection
Setting up a web application firewall
When it comes to optimizing WP, we will look at the process from both the server-side and the application (WordPress) side.
On the server-side we will cover the following:
optimizing the operating system - prior to optimizing WordPress
optimizing nginx - prior to optimizing WordPress
configuring php-fpm according to your server resources - prior to optimizing WordPress - set to low your site slows down, set to high and your server will crash
server-side caching - fastcgi caching is brilliant
replacing WP cron with a real cron
On the application or WordPress side you need to look at the following:
Caching plugin - W3 Total Cache
Optimizing images
Post revisions policy
Optimizing the database
Combining and minifying CSS and JS
Throughout the course, the principle of install only what's needed, then harden and optimize is followed. The most important aspect of any server is security. I don't just glance over this aspect, every configuration step you will take is geared towards security. We will optimize the server, but not at the expense of lax security.
It's impossible to list all the hardening and security layers we implement in this section, for a complete list please refer to the actual course curriculum.
By the end of this course, you will be ready to reap the benefits...
You'll be able to add a new revenue stream and start earning additional income hosting your own sites using NGINX. There will be numerous new services you will be adding to your resume as a web developer. You will be able to charge for numerous new services - site hosting, site optimization, Let's Encrypt SSL certificate installation and renewal, backups and even a monthly maintenance fee.
This course is not a lab experiment with no real-world application.
This course was not designed to be completed locally, on your pc or mac or using one of the many available "Virtual Machines". Oracle's VirtualBox is one example. The aim of the course is to instruct you on how to setup a secure/hardened hosting environment and then host multiple hardened WordPress sites on a commercially purchased VPS or dedicated server.
I want you to able to look at server logs and see how malicious users and bots are scanning your server, probing and looking for vulnerabilities. You need to be able to see the result of your hardening - banning, blocking, rate limiting - in your server logs. This cannot be done in a Virtual Machine.
All that's left is for you to sign up for this course and start your wonderful journey as your very own systems administrator running multiple WordPress sites using the latest Ubuntu release and NGINX.