#infrastructure
All articles tagged #infrastructure — practical guides from production experience.
Browse by category
Filter by topic
52 posts tagged #infrastructure · page 6 of 6
CIS Windows Server Level 1 Hardening: What Actually Matters in Production
CIS Windows Server Level 1 hardening in production — what breaks, what to apply first, and how to avoid NTLM lockouts, audit log disk exhaustion, and service account outages.
CIS Level 1 Ubuntu Hardening: A Field-Tested Production Guide
CIS Level 1 Ubuntu hardening guide covering filesystem, SSH, sysctl, and audit logging — with real production pitfalls, configs, and a compliance checklist. Tested in enterprise environments.
Linux TIME_WAIT Explained: Why It Causes Connection Failures and How to Fix It
Linux TIME_WAIT exhausts ephemeral ports and causes ECONNREFUSED under load — even when your app is healthy. Learn what TIME_WAIT is, how to detect port exhaustion with ss and netstat, and the exact sysctl fixes that resolve it.
NGINX Upstream Keepalive Explained: Why Missing It Causes 502 Errors
Missing keepalive in your NGINX upstream block silently kills connections under load. Here's exactly what keepalive does, how TCP connection reuse works, and the production-ready config that stops 502s before they start.
Docker Ate My Disk: Fixing Log Rotation Before It Kills Production
How a single verbose container filled a 500GB disk in 72 hours, and the exact daemon.json config that stops it from ever happening again.
NGINX SSL Hardening: From C Grade to A+ on SSL Labs
A step-by-step walkthrough of the NGINX TLS configuration changes that take you from a mediocre SSL rating to a perfect score — without breaking compatibility.
Docker Networking Demystified: bridge, host, and overlay
The three Docker network modes that matter for production — what they actually do, when to use each, and the gotchas that'll bite you if you pick the wrong one.