The latest articles on DEV Community by Muhammad Kamran Kabeer (@muhammadkamrankabeeross). https://dev.to/muhammadkamrankabeeross https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3870183%2F4568d571-b1ba-46d9-97db-ebb02fea8d61.png https://dev.to/muhammadkamrankabeeross en Muhammad Kamran Kabeer Sat, 11 Apr 2026 04:40:31 +0000 https://dev.to/muhammadkamrankabeeross/stop-leaving-your-servers-open-hardening-linux-in-5-minutes-with-ansible-46a2 https://dev.to/muhammadkamrankabeeross/stop-leaving-your-servers-open-hardening-linux-in-5-minutes-with-ansible-46a2 <p>Hello, World! I’m Muhammad Kamran Kabeer.</p> <p>As an IT Instructor and the founder of MK EduOps Solutions, I often see students and small businesses focus on "getting things to work" while completely ignoring "getting things secured."Today, I’m sharing Lab 1 from my new series: The Hardened Gateway. We will use Ansible to automate the security of a Linux server on a Dell Latitude E7440 (or any Ubuntu/Debian machine).</p> <p>🛡️ Why "Default Deny"?<br> Most people try to block "bad" ports. The professional way is to deny everything and only open what you need. This is the "Zero-Trust" mindset.</p> <p>🛠️ The Automation Code<br> Here is the Ansible block I use to secure my lab environments:</p> <p>YAML</p> <ul> <li> <p>name: Lab 1 - The Hardened Gateway<br> hosts: localhost<br> become: yes<br> tasks:</p> <ul> <li>name: Ensure UFW is installed apt: { name: ufw, state: present }</li> <li>name: Set Default Policies to DENY community.general.ufw: { state: enabled, policy: deny, direction: incoming }</li> <li>name: Allow Essential Traffic community.general.ufw: { rule: allow, port: "{{ item }}", proto: tcp } loop: ['22', '80', '443', '81'] 🚀 The Result Running this ensures that only SSH and Web traffic can enter. Everything else—unsecured databases, internal APIs, or forgotten services—is hidden from the world.</li> </ul> </li> </ul> <p>Check out the full lab repository here:<a href="https://github.com/muhammadkamrankabeer-oss/MK-EduOps-Labs" rel="noopener noreferrer">https://github.com/muhammadkamrankabeer-oss/MK-EduOps-Labs</a></p> automation linux security tutorial Muhammad Kamran Kabeer Thu, 09 Apr 2026 16:21:08 +0000 https://dev.to/muhammadkamrankabeeross/how-i-automated-a-self-healing-wordpress-lab-using-ansible-docker-20m7 https://dev.to/muhammadkamrankabeeross/how-i-automated-a-self-healing-wordpress-lab-using-ansible-docker-20m7 <p>The Challenge</p> <p>As an IT educator, I wanted a lab environment that was stable, professional, and "self-healing." If a student (or a bug) crashes the site, I want it back up in seconds without manual work.<br> The Solution</p> <p>I built a stack on my Dell Latitude E7440 using:</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Vagrant &amp; Debian: To create a clean, isolated sandbox. Ansible: To automate the configuration (Infrastructure as Code). Docker: To run WordPress and MariaDB. Nginx Proxy Manager: To give it a professional URL (http://wordpress.test) instead of messy IP addresses. </code></pre> </div> <p>Why this matters</p> <p>By using Docker's restart_policy: always, if the WordPress container fails, the system "heals" itself immediately.</p> <p>[INSERT YOUR TWO SCREENSHOTS HERE: NPM Dashboard and WordPress Welcome Page]<br> Work with me!</p> <p>I am a professional educator and DevOps practitioner. If you need:</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Technical Writing: I can turn your complex code into clear tutorials. Lab Setup: I can help you automate your teaching environments. </code></pre> </div> <p>Feel free to reach out here or on LinkedIn!</p>