← Back to knowledge

Security

How to install Certbot

Certbot issues free, trusted SSL certificates from Let's Encrypt and renews them before they expire. Here is how to install it on Ubuntu, issue your first certificate, and keep it renewing on its own.

30 June 2026 Security

How to renew SSL certificates automatically

Let's Encrypt certificates last 90 days, so renewal has to be automatic. Here is how to set up Certbot to renew every certificate and reload Nginx on its own.

30 June 2026 Security

How to generate a CSR with OpenSSL

A CSR (Certificate Signing Request) is the file you send to a certificate authority to request an SSL certificate. Here is how to generate one, and its private key, with openssl.

23 June 2026 Security

What is an SSH key

An SSH key is a pair of cryptographic keys used to log in to servers and services without a password. The public key lives on the server, the private key stays on your machine, and only the two together grant access.

23 June 2026 Security

How to generate a self-signed certificate with OpenSSL

A self-signed certificate lets you serve HTTPS for local development or internal services without going through a certificate authority. Here is how to create one with openssl.

23 June 2026 Security

Convert SSL certificate formats with OpenSSL

Certificates come in PEM, CRT, CER, DER, and PFX formats, and software is picky about which one it wants. Here are the openssl commands to convert between all of them.

23 June 2026 Security

How to generate an SSH key

Here is how to generate an SSH key pair on Linux, macOS, or Windows and add the public key to a server, GitHub, or GitLab.

23 June 2026 Security

How to check SSL certificate expiration

Here is how to check when an SSL certificate expires, both for a live website and for a certificate file on disk, using openssl from the command line.

23 June 2026 Security

How to change the SSH port on Ubuntu

Moving SSH off the default port 22 cuts down on automated brute-force noise in your logs. Here is how to do it safely on Ubuntu, including the socket-activation change that catches people out on 24.04, without locking yourself out.

23 June 2026 Security

How to configure rate limiting in nginx

Rate limiting protects login pages, APIs, and expensive endpoints from abuse and brute-force attacks. nginx does this with the built-in limit_req module. Here is how to configure it.

23 June 2026 Security

What is an SSL certificate chain

An SSL certificate chain links your website's certificate back to a trusted root certificate. When a link in that chain is missing, browsers and command line tools reject the connection even though the certificate itself is perfectly valid.

23 June 2026 Security

How to setup OpenClaw securely on your own VPS

OpenClaw is a powerful open-source AI assistant that runs on your own infrastructure. Learn how to deploy it securely on a VPS to avoid common security pitfalls.

4 February 2026 Security

How to get A+ grade SSL using Cloudflare

By default Cloudflare configures your security for SSL and HTTPS traffic for maximum connectivity and not for best security. Connectivity and security are unexchangeable, by letting more old insecure clients connect, you lower the bar for all clients that connect to your website.

24 September 2024 Security

How to optimize web application security

There are a lot of features you can use to increase overall security of your website or web app.

6 December 2022 Security

How to extract the certificate from a PFX file

Sometimes you receive a PFX file, which is a file that bundles both certificate and private key of a SSL certificate. Here's how to extract the certificate.

10 August 2022 Security

How to extract private key from PFX file

Sometimes you receive a PFX file, which is a file that bundles both certificate and private key of a SSL certificate. Here's how to extract the private key.

10 August 2022 Security