Backend 25,715 installs

secure-linux-web-hosting

by xixu-me/skills

Use when setting up, hardening, or reviewing a cloud server for self-hosting, including DNS, SSH, firewalls, Nginx, static-site hosting, reverse-proxying an…

Skill content

Secure Linux web hosting setup, hardening, and HTTPS configuration for self-hosted cloud servers.

- Guides users through nine phases: intake, prerequisites, secure access, firewall, web server, static site or reverse proxy, HTTPS, validation, and optional tuning

- Verifies distro-specific package names, service units, config paths, and ACME client guidance against official documentation before giving commands

- Enforces safety gates: key-based SSH must work before hardening, DNS must resolve before certificate issuance, HTTPS must load before forcing redirects

- Covers Nginx static-site hosting, reverse-proxy app setup, Let's Encrypt or ACME clients, SSH hardening, firewall rules, and post-launch network tuning like BBR

Overview

Use this skill to turn a cloud server into a safely reachable web host
without leaning on stale distro-specific memory or outdated Debian-10-era
tutorials.

This skill keeps the familiar teaching arc of a beginner-friendly server guide,
but turns it into a reusable operator workflow:

- Intake and routing

- Prerequisites

- Secure access

- Firewall and exposure

- Web server setup

- Static site or app proxy

- HTTPS

- Validation

- Optional advanced tuning