Your Site Is Not Down. DNS Might Be Lying.
The browser said the site was gone. The server was answering fine.
curl --resolve example.com:443:203.0.113.10 https://example.com/
linux fixes you can inspect first
Fix the Linux problem in front of you.
Short, copyable commands for common Linux, hosting, server, and terminal problems. Every published fix includes safety notes, when not to use it, and simulated output from a disposable demo environment.
Current library
85 checked one-liners across Linux basics, web hosting, dangerous commands, and server triage.
85/85 commands have disposable demo output.
verified fixes
Start here
Find the Files Eating Your Disk
The disk was full, but guessing at folders was the slow part.
find /var -type f -printf '%s %p\n' | sort -nr | head -20
Run Rsync Without Deleting Your Backup
One rsync flag can save you. Another can erase the wrong side.
rsync -avhn --delete ./source/ ./backup/
Watch Logs Without Opening the Whole File
The app was failing now. Opening a giant log file was the wrong move.
tail -n 80 -f /var/log/nginx/error.log
Find Errors Before Reading Every Log Line
The error was in the log. The problem was finding it without reading noise.
grep -iE 'error|failed|denied|timeout' /var/log/nginx/error.log | tail -40
Check What Is Actually Listening
The app was running. The port was not listening.
ss -tulpn | grep ':80\|:443'
Inspect Permissions Before Changing Them
The permission fix was easy. Knowing what not to chmod was the hard part.
namei -l /var/www/example/index.html
Find the Exact Log Line Before You Scroll
The error was there. The useful part was knowing exactly where it was.
grep -inE 'error|failed|denied|timeout' /var/log/nginx/error.log
Find Which Folder Is Filling the Disk
The disk was full. The fastest clue was the folder, not the file.
du -sh /var/* 2>/dev/null | sort -h
Show Only Recent Errors
The log had old failures too. I only cared about the newest ones.
grep -iE 'error|failed|denied|timeout' /var/log/nginx/error.log | tail -10
Preview What Rsync Would Delete
`rsync --delete` is useful. It is also how people erase the wrong side.
rsync -avhn --delete ./source/ ./backup/ | grep '^deleting'
Check Owner and Mode in One Line
The file existed. The owner and mode explained why it still failed.
stat -c '%A %U:%G %n' /var/www/example/index.html
Find the Processes Using Memory
The server felt slow. Memory pressure was the first thing to rule out.
ps -eo pid,comm,%mem,%cpu --sort=-%mem | head
Show Big Files in Human Units
Byte counts are precise. Human units are faster under pressure.
find /var -type f -printf '%s %p\n' | sort -nr | head -10 | awk '{printf "%.1f MB %s\n", $1/1024/1024, $2}'
Find What Is Using a Local Dev Port
Your dev server says port 3000 is busy. Ask macOS who is holding it.
lsof -nP -iTCP:3000 -sTCP:LISTEN
Stop the Process Blocking a Dev Port
Free a stuck dev port without hunting through Activity Monitor.
lsof -ti tcp:3000 | xargs kill
Show Your PATH One Entry Per Line
Wrong Node, Python, or FFmpeg? Start by reading your PATH clearly.
echo "$PATH" | tr ':' '\n' | nl -ba
See Exactly Which Command macOS Will Run
Before blaming npm, Python, or Git, check the binary your shell actually found.
command -v node && node -v
Find Large Files Inside a Project
Before committing, check whether a huge video, build artifact, or export slipped into your repo.
find . -type f -size +100M -print
Find Which Folder Is Eating Disk Space
When your Mac is full, start with the biggest folders in the current directory.
du -sh ./* 2>/dev/null | sort -h
Flush macOS DNS Cache
Changed DNS but your Mac still visits the old place? Flush the resolver cache.
sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
Watch a Log or Build File Update
Need to see whether a file is still changing? Let tail follow it live.
tail -f ./app.log
Search a Log for Errors With Context
A wall of logs is useless until you pull the error and the lines around it.
grep -n -C 2 'ERROR' ./app.log
Check a URL Without Downloading the Page
Before opening a broken page in five browsers, ask the server for headers.
curl -I https://example.com
Tail the Failing CI Lines
Skip the full CI log and jump straight to lines that usually explain the failure.
grep -RInE 'error|failed|exception|traceback|fatal' logs/ | tail -50
List Newest Build Artifacts
Confirm what your pipeline actually produced before you deploy it.
find artifacts/ -type f -printf '%TY-%Tm-%Td %TH:%TM %10s %p\n' | sort | tail -20
Check the Current Release Symlink
One glance tells you which release directory production is pointing at.
readlink -f releases/current && ls -ld releases/current
Find the Largest CI Logs
Huge logs often point to loops, noisy tests, or runaway debug output.
find logs/ -type f -printf '%s %p\n' | sort -nr | head -10
Show Release Directory Ages
See your newest release directories without opening a dashboard.
find releases/ -mindepth 1 -maxdepth 1 -type d -printf '%T@ %TY-%Tm-%Td %TH:%TM %p\n' | sort -nr | head -10 | cut -d' ' -f2-
Extract Environment Names Only
Audit environment labels without printing secret values.
grep -RhoE 'ENVIRONMENT|NODE_ENV|APP_ENV|RAILS_ENV' config deploy | sort -u
Smoke Check an HTTP Status
A deploy is not done until the endpoint answers.
curl -fsS -o /dev/null -w '%{http_code} %{time_total}s\n' https://example.com/health
Compare Artifact Checksums
Verify two artifact copies match before blaming deployment code.
sha256sum artifacts/app.tar.gz releases/current/app.tar.gz
Count Failures by Test File
Turn noisy test logs into a ranked failure list.
grep -RhoE '[A-Za-z0-9_./-]+\.(test|spec)\.(js|ts|py|rb)' logs/ | sort | uniq -c | sort -nr | head
Inspect Release Disk Usage
Disk pressure during deploys often starts in old release directories.
du -sh releases/* 2>/dev/null | sort -h | tail -10
Check Image Tags in Manifests
Find the image tags your deployment files reference without printing env values.
grep -RhoE 'image:[[:space:]]*[^[:space:]]+' deploy/ | sort -u
Show Containers in a Clean Triage Table
Turn noisy docker ps output into the few fields operators scan first.
docker ps -a --format 'table {{.Names}}\t{{.Status}}\t{{.Image}}\t{{.Ports}}'
Find Restarting Containers Fast
Restart loops hide in plain sight unless you filter for them.
docker ps -a --filter status=restarting --format 'table {{.Names}}\t{{.Status}}\t{{.Image}}'
Check Container Health Status
Docker may say a container is running while its health check says otherwise.
docker inspect --format '{{.Name}} health={{if .State.Health}}{{.State.Health.Status}}{{else}}none{{end}} status={{.State.Status}}' web
Read Recent Container Logs
Skip the million-line log scroll and read only the recent failure window.
docker logs --since 10m --tail 100 api
Snapshot Container CPU and Memory
Get Docker resource usage once, without leaving a live dashboard running.
docker stats --no-stream --format 'table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.NetIO}}\t{{.BlockIO}}'
Show Published Container Ports
When a service is unreachable, confirm Docker is publishing the port you think it is.
docker port web
Summarize Docker Disk Usage
See how Docker storage is split across images, containers, volumes, and cache.
docker system df -v
Inspect Container Environment Names
Check what environment variables exist without printing their secret values.
docker inspect --format '{{range .Config.Env}}{{println .}}{{end}}' api | sed 's/=.*$/=/'
See Container Network Attachments
A container can be healthy and still attached to the wrong network.
docker inspect --format '{{.Name}} {{range $name, $net := .NetworkSettings.Networks}}{{$name}} {{$net.IPAddress}} {{end}}' api
Review Recent Docker Events
Docker keeps a recent event trail for starts, stops, pulls, and health changes.
docker events --since 30m --until 0s
Test Nginx Before Reload
The config looked fine. Nginx disagreed before reload broke anything.
nginx -t
Show Enabled Nginx Sites
The config existed, but it was not enabled.
ls -l /etc/nginx/sites-enabled/
Find Which Nginx Config Owns a Domain
The wrong server block was answering the domain.
grep -R "server_name" /etc/nginx/sites-enabled/
Check HTTP to HTTPS Redirect
HTTPS worked. The plain HTTP redirect still mattered.
curl -I http://example.com
Inspect Response Headers
The page loaded, but the headers told the operational story.
curl -sI https://example.com
Check a Domain A Record
The site was fine. The domain was pointed somewhere else.
dig +short example.com A
List Certbot Certificates
The certificate existed. The question was which domains it covered.
certbot certificates
Check the Current Release Symlink
The deploy finished. The symlink told me what was actually live.
readlink -f /srv/www/example.com/current
Find Top 404 URLs
The missing file was not random. The access log had a pattern.
awk '$9==404 {print $7}' /var/log/nginx/access.log | sort | uniq -c | sort -nr | head
See Top Referrers
LinkedIn traffic was not a guess. The referrer field showed it.
awk -F'"' '{print $4}' /var/log/nginx/access.log | sort | uniq -c | sort -nr | head
Find the Processes Burning CPU
A server feels slow, but you need proof before restarting anything.
ps -eo pid,ppid,stat,pcpu,pmem,comm,args --sort=-pcpu | head -n 10
Find the Processes Eating Memory
Memory pressure can look like a slow app, a stuck deploy, or random crashes.
ps -eo pid,ppid,stat,pcpu,pmem,rss,comm,args --sort=-pmem | head -n 10
Check Memory Pressure with free
Linux memory numbers look scary until you know which column matters.
free -h
Read Load Average Before You React
A high load number is a clue, not a diagnosis.
uptime
Check Filesystem Space with df
A full disk can break logins, uploads, databases, and deploys.
df -h
Check Inodes When Disk Space Looks Fine
Sometimes the disk has free bytes but still cannot create files.
df -ih
Find Large Directories with du
Once you know a filesystem is full, the next question is where.
du -xh --max-depth=1 /var 2>/dev/null | sort -h
Find Listening Ports with ss
Before blaming the firewall, check whether anything is actually listening.
ss -ltnp
Find Open Deleted Files with lsof
A file can be deleted but still occupy disk while a process holds it open.
lsof +L1
Inspect Established Network Connections
Unexpected connections are easier to reason about when you can see them directly.
ss -tan state established
Show Failed systemd Units
One command tells you which services systemd already knows are broken.
systemctl --failed --no-pager
Inspect One Service Without Pager Traps
Make systemctl status safe for scripts, screenshots, and quick incident notes.
systemctl status nginx --no-pager --lines=30
Read Current-Boot Logs for One Service
Ignore stale logs and inspect only what happened since this boot.
journalctl -u nginx -b --no-pager -n 80
Check systemd Journal Disk Usage
Before deleting random logs, ask journald how much disk it owns.
journalctl --disk-usage
Find Slow Services During Boot
Find which units made your VPS boot slowly.
systemd-analyze blame | head -20
Check Whether a Service Starts at Boot
Running now does not mean it will survive the next reboot.
systemctl is-enabled nginx
Check If a Service Is Active
Get a clean yes-or-no service state without the full status page.
systemctl is-active nginx
Show Recent Server Reboots
Confirm whether the server actually rebooted and when.
last -x reboot | head -5
Check Memory Pressure Quickly
See whether memory is actually tight before restarting services.
free -h
List Upcoming systemd Timers
Cron is not the only scheduler on modern Linux servers.
systemctl list-timers --all --no-pager
Summarize HTTP Status Codes
Before chasing individual lines, get the shape of the whole log.
awk '{count[$9]++} END {for (code in count) print count[code], code}' ./fixtures/nginx/access.log | sort -nr
Find the IPs Creating the Most 4xx Noise
One address can turn a normal access log into a wall of failed requests.
awk '$9 ~ /^4/ {count[$1]++} END {for (ip in count) print count[ip], ip}' ./fixtures/nginx/access.log | sort -nr | head
Group Server Errors by URL Path
A 500 spike is easier to triage when the broken path is obvious.
awk '$9 ~ /^5/ {count[$7]++} END {for (path in count) print count[path], path}' ./fixtures/nginx/access.log | sort -nr | head
Spot Unusual HTTP Methods in Access Logs
Most site traffic is boring. The weird methods are worth a look.
awk '$6 !~ /^"(GET|POST|HEAD|OPTIONS)$/ {print $1, $6, $7, $9}' ./fixtures/nginx/access.log | sort | uniq -c | sort -nr
Count the Most Common User Agents
A strange traffic spike often has a strange user agent.
awk -F'"' '{print $6}' ./fixtures/nginx/access.log | sort | uniq -c | sort -nr | head
Find Common Admin Probe Paths
A site does not need WordPress to receive WordPress-looking probes.
awk '$7 ~ /(admin|login|wp-|phpmyadmin)/ {print $1, $7, $9}' ./fixtures/nginx/access.log | sort | uniq -c | sort -nr | head
Find Paths Repeatedly Returning 404
One missing URL is normal. A repeated missing URL is a signal.
awk '$9==404 {count[$7]++} END {for (path in count) if (count[path] >= 3) print count[path], path}' ./fixtures/nginx/access.log | sort -nr | head
Spot Request Bursts by Minute
Traffic spikes are easier to read when you bucket them by time.
awk '{minute=substr($4,2,17); count[minute]++} END {for (m in count) print count[m], m}' ./fixtures/nginx/access.log | sort -nr | head
Find Unusually Large Web Responses
A few huge responses can explain bandwidth, latency, and suspicious download patterns.
awk '$10 ~ /^[0-9]+$/ && $10 > 1000000 {print $10, $1, $7, $9}' ./fixtures/nginx/access.log | sort -nr | head
Find Clients Repeating the Same Path
The suspicious pattern is sometimes one client hammering one URL.
awk '{key=$1 " " $7; count[key]++} END {for (k in count) if (count[k] >= 5) print count[k], k}' ./fixtures/nginx/access.log | sort -nr | head
problem areas
Browse by what broke
Use the category that matches the problem: disk pressure, logs, permissions, Nginx, DNS, defensive checks, or Mac terminal work.
Linux Survival Basics
The commands to inspect a machine before guessing.
Web Server Rescue
Small checks that separate DNS, TLS, Nginx, and app failures.
Dangerous Commands
Commands worth understanding before copying from the internet.
Cybersecurity Triage
Defensive commands for checking exposure, logs, permissions, and suspicious activity.
Hosting Operations
Web hosting, SSL, DNS, Nginx, deployment, backups, and VPS management.
Apple Terminal
macOS and Apple-adjacent terminal workflows for developers and power users.
how to read a fix
Copy less blindly
- Start with the problem statement and check that it matches your situation.
- Read the danger rating and the “when not to use it” note.
- Compare your expected output to the simulated output.
- Copy the command only after the context makes sense.
demo vessel
See example output first
Each demo uses fake files, fake services, and safe fixtures so you can see what the command does before trying it on a real machine.
quality bar
No mystery pastebin commands
Every fix needs a clear use case, safety notes, recovery guidance, and a reproducible example.
Required
Problem, command, danger rating, when not to use it, undo or recovery, expected output, and demo commands.
Distribution
Short demos and transcripts are generated from the same checked lesson data.
Business signal
Useful pages get expanded into deeper guides, videos, and related troubleshooting paths.
project feeds
Machine-readable outputs
These feeds support videos, transcripts, and future tooling. Most readers can ignore them.
Shorts metadata
Titles, captions, target duration, playlist, and voiceover seed text.
LinkedIn post seeds
Hooks, command snippets, questions, and calls to action for engagement testing.
Analytics event contract
Privacy-light events to measure copy clicks, export clicks, lesson depth, and outbound video intent.
roadmap
What is being added next
The library is expanding by problem area: Linux basics, hosting, security triage, macOS, CI/CD, and data workflows.
- publish ten Linux Survival Basics lessons to test search demand
- add web hosting, DNS, SSL, and VPS troubleshooting fixes
- add defensive cybersecurity triage commands
- add Apple/macOS terminal fixes
- add comments with SSO after moderation controls are ready
- collect first-party page, click, copy, scroll, referrer, viewport, and timing events
- expand useful pages into short videos and deeper troubleshooting paths