https://elijahu.me/portfolio/tags/lemp/Infrastructure & Cloud Engineering portfolio by Elijah Udom (elijahu) — AWS, Kubernetes, eBPF Security, AI/ML Infrastructure, and Platform Engineering projects.Hugo -- gohugo.ioenSat, 03 May 2025 00:00:00 +0000https://elijahu.me/portfolio/projects/hardened-web-server/Sat, 03 May 2025 00:00:00 +0000https://elijahu.me/portfolio/projects/hardened-web-server/“Default configs aren’t secure. They’re defaults — built for compatibility, not production. Running SSL Labs against a stock Nginx install and getting a B or F isn’t a surprise. It’s the expected result.” This is a full hardening walkthrough for a LEMP stack on Ubuntu 22.04 — Nginx TLS configuration, PHP-FPM lockdown, MySQL least-privilege setup, firewall, Fail2Ban, and what the actual path to A+ on SSL Labs looks like. Not the happy path.