A practical guide to hardening Nginx and PHP-FPM on a single-admin server: user separation, SSH key authentication, connection limits, rate limiting, and PHP configuration defaults that won't get you compromised.

WordPress search queries can hammer your database and bring down a site under heavy load. Use Nginx rate limiting to cap search requests before they reach PHP.

Use Nginx's limit_req module to protect your site from HTTP floods and brute-force attacks — with real-world examples for static pages, PHP handlers, and login endpoints.

Basic authentication in Nginx is a quick way to gate a directory, an admin area, or an entire staging site behind a username and password. It's not a replacement for a full login system, but for internal tools, dev environments, or adding a second layer in front of something already protected, it does the job with almost no overhead.