Issue and renew Let's Encrypt certificates with certonly and webroot authentication — full control of your Nginx configuration, no auto-generated edits, shared webroot directory, and a cron job that just works.
Configure Nginx to restore real visitor IPs behind Cloudflare — correct access logs, rate limiting, and IP-based access control with the ngx_http_realip_module.
Nginx is at its fastest when there's no backend to talk to. A complete guide to serving static sites — clean URLs, pre-compressed assets, aggressive caching, and security headers you can actually lock down.
A practical guide to hardening Nginx and PHP-FPM on a single-admin server: user separation, SSH key authentication, connection limits, rate limiting, and PHP configuration defaults that won't get you compromised.
A production-ready Nginx configuration for the flat-file Bludit CMS — directory protection, static caching, PHP-FPM tuning, and Cloudflare compatibility.