Top Stories

How to Secure AWS EC2 Ubuntu with Letโ€™s Encrypt SSL (Certbot + Nginx)
Ankaj Gupta
February 05, 2026

How to Secure AWS EC2 Ubuntu with Let’s Encrypt SSL (Certbot + Nginx)

Install Let's Encrypt SSL on AWS EC2 Ubuntu (with Certbot & Nginx)

Step-by-step guide to securing your AWS EC2 Ubuntu instance with a free Let's Encrypt TLS/SSL certificate using Certbot and Nginx, updated for modern Ubuntu.

AWS EC2 Ubuntu server secured with Let's Encrypt SSL
Published: 10–12 min read

Let's Encrypt provides free TLS/SSL certificates so your website can use HTTPS. On AWS EC2 with Ubuntu, the easiest way to get and renew these certificates is with Certbot. This guide shows you how to secure an Nginx site on Ubuntu using the modern, Snap-based Certbot installation, inspired by older tutorials but updated for today's tooling.

๐Ÿ“š What You'll Learn

  • Prerequisites for using Let's Encrypt on an AWS EC2 Ubuntu instance
  • How to install Certbot using Snap (recommended for Ubuntu)
  • How to issue and auto-configure an HTTPS certificate for Nginx
  • How automatic renewal works and how to test it

1. Prerequisites

  • ✔ An AWS EC2 instance running Ubuntu (22.04 / 20.04 or similar)
  • ✔ A registered domain name pointing to your EC2 public IP (via DNS A/AAAA record)
  • ✔ Nginx installed and serving your site on HTTP (port 80)
  • ✔ SSH access with sudo privileges
Important: Let's Encrypt does not issue certificates for raw IP addresses (e.g. 192.168.1.10). You must use a real domain (like example.com) that resolves to your server.

2. Install Certbot on Ubuntu (Snap method)

Older guides used a Certbot PPA (e.g. ppa:certbot/certbot) and packages like python-certbot-nginx. On modern Ubuntu releases, the official recommendation is to use Snap instead. We'll start with the modern Snap approach and then, in the next section, briefly cover the legacy PPA method for older Ubuntu versions.

2.1 Update packages and install Snap 

sudo apt update
sudo apt install snapd -y

2.2 Install and refresh Snap core 

sudo snap install core
sudo snap refresh core

2.3 Install Certbot 

sudo snap install --classic certbot

Create a convenient symlink so you can run certbot directly: 

sudo ln -s /snap/bin/certbot /usr/bin/certbot

3. Legacy PPA-based Certbot install (older Ubuntu)

If you're running an older Ubuntu release (for example, 16.04 or 18.04) and can't use Snap, you may still find guides that use the ppa:certbot/certbot repository. This method is deprecated but helpful to understand if you maintain legacy servers.

3.1 Add Certbot PPA and dependencies

First, connect to your EC2 Ubuntu instance via SSH, then run: 

sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update

This installs the tools needed for managing PPAs, adds the Certbot repository, and refreshes your package index.

3.2 Install Certbot plugins for Apache or Nginx

Choose the package that matches your web server: 

# For Apache
sudo apt-get install python-certbot-apache

# For Nginx
sudo apt-get install python-certbot-nginx

These packages install Certbot plus the appropriate plugin to automatically edit your Apache/Nginx configuration.

3.3 Issue certificates (Apache or Nginx)

Once Certbot is installed, you can request certificates for one or more domains. The first domain is treated as the primary name, additional ones are aliases: 

# Apache example
sudo certbot --apache -d yourdomain.com -d www.yourdomain.com

# Nginx example
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com

Certbot will store your certificate and private key under /etc/letsencrypt/live/yourdomain.com/ and automatically update your virtual host / server block configuration in /etc/apache2/sites-available/ or /etc/nginx/sites-available/.

Note: On newer Ubuntu versions, this PPA-based flow may fail or be unavailable. Prefer the Snap method in section 2 whenever possible.

4. Obtain a Let's Encrypt SSL certificate for Nginx

Make sure Nginx is serving your site on port 80 and the domain points to this server. Then run Certbot's Nginx plugin, which will obtain a certificate and update your Nginx configuration automatically. 

sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
  • Replace yourdomain.com and www.yourdomain.com with your real domain(s).
  • Certbot will ask for an email address and terms of service agreement.
  • You can choose whether to redirect all HTTP traffic to HTTPS (recommended).

5. Test automatic renewal

Let's Encrypt certificates are valid for 90 days. Certbot installs a systemd timer to renew them automatically. You can simulate a renewal to confirm everything is wired correctly: 

sudo certbot renew --dry-run

If you see no errors, your certificates will renew automatically before they expire.

6. Common issues & fixes

E: Unable to locate package python-certbot-nginx

This usually means you're following an old PPA-based guide. Remove the PPA and use the Snap method shown above instead.

Challenge failed / HTTP-01 validation errors

Ensure port 80 is open in your AWS security group and that your domain's DNS A/AAAA record points to this EC2 instance. Certbot must be able to reach http://yourdomain.com/.well-known/ during validation.

7. Summary

With Certbot and Let's Encrypt, you can secure your AWS EC2 Ubuntu instance with HTTPS in just a few commands. Compared to older PPA-based approaches, the Snap method is more reliable on modern Ubuntu versions and keeps Certbot up to date automatically.

certbot nginx certbot ppa not found free ssl certificate nginx ssl setup ssl ubuntu ubuntu certbot ssl
Read
Manage Multiple Python Versions on Ubuntu with Pyenv
Ankaj Gupta
February 05, 2026

Manage Multiple Python Versions on Ubuntu with Pyenv

Pyenv on Ubuntu: Install, Switch, and Manage Multiple Python Versions (Safely)

A practical, copy-paste friendly guide to installing pyenv, building Python versions, and keeping system Python untouched.

Thumbnail illustration for managing multiple Python versions on Ubuntu with pyenv
Published: 10–12 min read

Ubuntu ships with a “system Python” that OS tools rely on. Replacing or altering it can break package managers and system utilities. pyenv solves this by installing additional Python versions under your home directory and switching between them via lightweight shims—so your OS stays safe while your projects stay reproducible.

๐Ÿ“š What You’ll Learn

  • How pyenv works (shims + version selection)
  • Installing pyenv on Ubuntu (recommended method)
  • Installing a specific Python version and setting it globally/locally
  • Best practices: virtual environments, upgrades, and troubleshooting

1. Why pyenv (and why not replace system Python)

On Ubuntu, the system Python may be used by OS components and package tooling. pyenv installs additional Pythons under ~/.pyenv and selects them by updating your PATH to point at pyenv’s shims first.

✅ What you get

  • Multiple Python versions side-by-side (per user, no sudo)
  • Project-specific versions via .python-version
  • Simple switching: global, local, or shell session

⚠️ What to avoid

  • Don’t remove/replace Ubuntu’s system Python packages
  • Don’t rely on sudo pip for system installs

2. Install build dependencies (Ubuntu)

pyenv builds CPython from source, so you’ll need compilers and common libraries. Run: 

sudo apt update
sudo apt install -y \
  make build-essential libssl-dev zlib1g-dev \
  libbz2-dev libreadline-dev libsqlite3-dev \
  wget curl llvm libncursesw5-dev xz-utils tk-dev \
  libffi-dev liblzma-dev

If you later hit build errors (OpenSSL, zlib, bz2), revisit this step—missing system libraries are the #1 cause of pyenv install failures.

3. Install pyenv

The official installer script downloads pyenv and common plugins into ~/.pyenv. It does not automatically edit your shell files—you’ll do that in the next step. 

curl -fsSL https://pyenv.run | bash

Prefer not to pipe to bash? You can also install from the official GitHub repo; see references at the end.

4. Configure your shell (Bash / Zsh)

You need two things: put pyenv on PATH, and initialize it so the shims work. Add the snippet below to the appropriate file(s) for your shell.

Bash (Ubuntu default)

Add to ~/.bashrc: 

export PYENV_ROOT="$HOME/.pyenv"
[[ -d "$PYENV_ROOT/bin" ]] && export PATH="$PYENV_ROOT/bin:$PATH"
eval "$(pyenv init - bash)"

For login shells, also ensure PATH is set early (often ~/.profile on Ubuntu): 

export PYENV_ROOT="$HOME/.pyenv"
[[ -d "$PYENV_ROOT/bin" ]] && export PATH="$PYENV_ROOT/bin:$PATH"
eval "$(pyenv init --path)"

Zsh

Add to ~/.zshrc: 

export PYENV_ROOT="$HOME/.pyenv"
[[ -d "$PYENV_ROOT/bin" ]] && export PATH="$PYENV_ROOT/bin:$PATH"
eval "$(pyenv init - zsh)"

Restart your terminal (or run source ~/.bashrc) and verify: 

pyenv --version
pyenv root

5. Install a Python version (example: Python 3.12)

First, list available versions and pick the exact patch release you want: 

pyenv install --list | grep -E "^\s*3\.12\."

Then install one of the listed versions (replace 3.12.x with a real value from your list): 

pyenv install 3.12.x

6. Switch Python versions (global / local / shell)

๐ŸŒ Global

Default for your user account. 

pyenv global 3.12.x
python --version

๐Ÿ“Œ Local (per project)

Writes .python-version in the folder. 

cd your/project
pyenv local 3.12.x

⏱️ Shell (this terminal only)

Temporary override for the current session. 

pyenv shell 3.12.x

Use pyenv versions to see what’s installed and what’s active.

7. Best practice: use virtual environments

pyenv selects the Python interpreter. For project dependencies, still use an isolated environment: 

python -m venv .venv
source .venv/bin/activate
python -m pip install -U pip

๐Ÿง  Tip: keep it predictable

Commit .python-version (pyenv) and a dependency lock strategy (requirements.txt, poetry.lock, etc.) so teammates and CI use the same interpreter and packages.

8. Troubleshooting common pyenv install issues

“python-build: error: … OpenSSL / zlib / bz2 …”

Re-check the Ubuntu build dependencies from Step 2. Missing libssl-dev, zlib1g-dev, or libbz2-dev is very common.

“pyenv: command not found”

Your shell isn’t loading pyenv yet. Confirm you added the init snippet to the right file, then restart the terminal. Also run echo $SHELL to confirm whether you’re using bash or zsh.

References

pyenv Python ubuntu
Read
Docker Overview - From Operating Systems to Containers
Ankaj Gupta
November 19, 2025

Docker Overview - From Operating Systems to Containers

Docker Overview: From Operating Systems to Containers

A comprehensive guide to understanding Docker, containerization, and the evolution of application deployment

Docker Overview: From Operating Systems to Containers
Published: 15 min read

Modern software applications require consistent environments to run reliably. Over the decades, computing evolved from simple operating systems, to virtual machines (VMs), and then to containers—a lightweight form of OS-level virtualization. Containers became popular after 2013 with the introduction of Docker, enabling developers to package applications and their dependencies into portable units.

๐Ÿ“š What You'll Learn

  • How operating systems work (Kernel & Shell)
  • Evolution from bare-metal apps → virtual machines → containers
  • How Docker works internally
  • Visual diagrams and comparisons
  • VM vs Container detailed comparison
  • Example containerized application structure

1. Operating System Architecture

Every operating system contains two main components that work together to manage hardware resources and provide an interface for users and applications.

⚙️ Kernel (Core of OS)

  • Manages hardware resources (CPU, RAM, Disk, Network)
  • Handles system calls from applications
  • Provides security, process management, memory management
  • Examples: Linux Kernel, Windows NT Kernel

๐Ÿ’ป Shell (Interface)

  • Command-line (CLI) or graphical (GUI) interface
  • Sends user commands to the Kernel
  • Acts as a bridge between user and OS
  • Examples: Bash, PowerShell, CMD, zsh

System Flow Diagram

๐Ÿ‘ค User
๐Ÿ’ป Shell
⚙️ Kernel
๐Ÿ–ฅ️ Hardware

2. Evolution of Application Deployment

The way we deploy applications has evolved significantly over time. Let's explore the journey from traditional deployment to modern containerization.

2.1 Before 2000: Traditional Deployment

Applications ran directly on the operating system with no isolation between different applications.

๐Ÿ“ฑ Application
☕ Runtime (JRE, .NET, etc.)
๐Ÿ’ป Operating System
๐Ÿ–ฅ️ Hardware

⚠️ Limitations

  • Conflicts between application dependencies
  • Hard to scale horizontally
  • Difficult to maintain consistency across servers
  • A crash in one app could impact others

2.2 After 2000: Virtual Machines (VMs)

Virtualization introduced multiple OS instances on one hardware using a Hypervisor.

๐Ÿ–ฅ️ Hardware
๐Ÿ”ง Hypervisor
VM-1
Guest OS
Runtime
App-A
VM-2
Guest OS
Runtime
App-B
VM-3
Guest OS
Runtime
App-C

✅ Advantages

  • Full isolation between applications
  • Can run different OS types on same hardware
  • Stable and secure

⚠️ Disadvantages

  • Heavy (Each VM includes a full OS)
  • Slow boot time (minutes)
  • Consumes large memory & CPU
  • Inefficient for microservices

2.3 After 2013: Containers (Docker)

Containers are lightweight, fast, and share the host OS kernel, eliminating the need for multiple full OS installations.

๐Ÿ“ฆ Key Definition

A container is a lightweight, standalone, executable unit of software that includes application code and all dependencies, but shares the host OS kernel.

Operating System Support

Host OS Virtualization Used Container Runtime
Windows 10 Hyper-V Lightweight Linux VM
Windows 11 WSL2 Lightweight Linux VM
Linux Native support No VM needed

Container Architecture (Docker)

๐Ÿ–ฅ️ Hardware
⚙️ Host OS Kernel
๐Ÿณ Docker Engine
Container 1
Runtime
App-1
Container 2
Runtime
App-2
Container 3
Runtime
App-3

✨ Why Containers are Lightweight

  • No Guest OS per container
  • All containers share Host OS kernel
  • Very fast startup (milliseconds vs minutes)
  • Minimal resource overhead

3. Virtual Machine vs Container: Detailed Comparison

Virtual Machine Architecture

App-A / App-B / App-C
Guest OS (per VM)
Hypervisor
Hardware

Container Architecture

App-1 / App-2 / App-3
Runtime (per container)
Docker Engine
Host OS (shared)
Hardware

Feature Comparison

Feature Virtual Machines Containers
OS per unit Yes (Full Guest OS) No (Shared host kernel)
Weight Heavy (GBs) Lightweight (MBs)
Boot time Minutes Seconds / Milliseconds
Isolation Strong (Full OS isolation) Medium-strong (Process isolation)
Resource usage High Low
Portability Medium High
Ideal for Full OS virtualization, legacy apps Microservices, CI/CD, modern apps
Scaling Slower, resource-intensive Fast, efficient

✅ Container Advantages

  • Lightweight and fast startup
  • Sharing host OS kernel reduces overhead
  • Perfect for microservices architecture
  • Easy horizontal scaling
  • Consistent across development, staging, and production

⚠️ Container Limitations

  • Cannot run a different OS kernel (e.g., Windows containers on Linux require special support)
  • Slightly less isolated than full VMs
  • Security concerns if kernel is compromised

4. Containerized Application Structure Example

Here's how multiple applications run in containers on a single Docker host, each with its own runtime and dependencies.

๐Ÿ–ฅ️ Docker Host / Hardware Infrastructure
๐Ÿ’ป Host Operating System
๐Ÿณ Docker Engine
Container 1 (C1)
๐Ÿ“ฑ App-1
Java Application
☕ Runtime
JRE (Java Runtime)
๐Ÿ“ฆ Container Shell
User Space
Container 2 (C2)
๐Ÿ“ฑ App-2
.NET Application
⚙️ Runtime
.NET Runtime
๐Ÿ“ฆ Container Shell
User Space
Container 3 (C3)
๐Ÿ“ฑ App-3
Python Application
๐Ÿ Runtime
Python Interpreter
๐Ÿ“ฆ Container Shell
User Space

๐Ÿ’ก Key Takeaways

  • Each container runs independently with its own runtime environment
  • All containers share the same host OS kernel through Docker Engine
  • Different applications can use different runtimes (Java, .NET, Python) simultaneously
  • Containers are isolated at the process level, not OS level

5. Why Docker?

๐ŸŽฏ Core Benefits

  • Consistency: Your application runs the same way across development, testing, and production environments.
  • Fast Deployment: Containers start in milliseconds, enabling rapid scaling and deployment.
  • Easy Packaging: Dockerfile and Images make it simple to package applications with all dependencies.
  • Portability: Containers can run on any system that supports Docker, regardless of the underlying infrastructure.
  • Efficient Resource Usage: Containers share the OS kernel, using fewer resources than virtual machines.

๐Ÿš€ Use Cases

  • Microservices Architecture: Deploy and scale individual services independently.
  • CI/CD Pipelines: Consistent build and test environments for continuous integration.
  • Development Environments: Quick setup of complex development stacks.
  • Cloud-Native Applications: Build applications designed for cloud deployment.
  • Multi-Cloud Deployment: Deploy the same container across different cloud providers.

6. Summary

Evolution Timeline

Before 2000
Traditional Deployment - Direct OS installation
After 2000
Virtual Machines - Full OS virtualization with Hypervisor
After 2013
Containers (Docker) - Lightweight OS-level virtualization

Key Differences at a Glance

Aspect Virtual Machines Containers
OS per unit Yes No (shared host kernel)
Weight Heavy Lightweight
Boot time Minutes Seconds / milliseconds
Isolation Strong Medium-strong
Ideal for Full OS virtualization Microservices, CI/CD

7. Conclusion

Docker has revolutionized how we develop, ship, and run applications. By understanding the evolution from traditional deployment to virtual machines and finally to containers, we can appreciate the efficiency and portability that Docker brings to modern software development.

Containers offer the perfect balance between isolation and resource efficiency, making them ideal for microservices architectures, CI/CD pipelines, and cloud-native applications. As you continue your Docker journey, explore Docker Compose for multi-container applications and orchestration tools like Kubernetes for managing containerized applications at scale.

Ready to Start Containerizing?

Begin your Docker journey today and experience the power of containerization. Start with simple containers, experiment with Dockerfiles, and build scalable applications.

Explore Docker Documentation → Browse Docker Hub →
Devops Docker Operating Systems
Read
Ankaj Gupta
November 09, 2025

Best Google AdSense Alternatives for Bloggers

Monetization Guide

Best Google AdSense Alternatives for Bloggers (2025 Edition)

If you are earning less than expected from AdSense—or your application is still pending—consider these performant ad networks. Each option supports different traffic tiers, content niches, and payout models.

Quick Comparison

Network Ideal For Payment Model Minimum Traffic
Media.net Contextual ads for US/UK audiences CPC + CPM 3K+ pageviews/month
Ezoic AI layout testing for growth-stage blogs Revenue share 10K+ sessions/month
Mediavine Lifestyle, food, parenting, travel Revenue share 50K sessions/month
PropellerAds Push notifications, pop-under, interstitials CPM + CPA No minimum
AdThrive (Raptive) Premium advertisers targeting US households Revenue share (75% to publisher) 100K pageviews/month + 50% US traffic
SheMedia Female-focused sites and lifestyle communities Revenue share 20K+ sessions/month
Sovrn //Commerce Commerce-focused or affiliate heavy blogs CPM + CPA Flexible

Top Networks to Consider

Media.net

A Yahoo/Bing network with contextual ads that blend well with editorial blogs. Works best if most of your traffic comes from US, UK, or Canada.

Visit site →
  • ✅ Dedicated account manager once approved
  • ✅ Compatible with AdSense as a backup
  • ⚠️ Approval can take 3–5 business days
  • ⚠️ Requires quality content and consistent traffic

Ezoic

Automates ad testing with machine learning, improving RPM over time. Offers additional tools such as site speed accelerator and analytics.

Visit site →
  • ✅ Onboarding specialists help with DNS and setup
  • ✅ Pays via PayPal, Payoneer, bank transfer
  • ⚠️ Needs DNS integration or Cloudflare
  • ⚠️ Short learning curve to tune placeholders

Mediavine

A premium network known for industry-leading RPMs. Perfect for lifestyle and food bloggers with strong US-based traffic.

Visit site →
  • ✅ 30-day payment terms via ACH, PayPal, Payoneer
  • ✅ Excellent dashboard and reporting tools
  • ⚠️ Strict content and traffic requirements
  • ⚠️ Exclusivity clause—cannot run other display networks

PropellerAds

A global ad network with aggressive formats such as push notifications, pop-under, and interstitial ads. Works well for entertainment, downloads, gaming, and streaming niches.

Visit site →
  • ✅ Fast approval and no minimum traffic
  • ✅ Weekly payouts starting at $5 via PayPal, Payoneer, bank
  • ⚠️ Intrusive formats can hurt UX if overused
  • ⚠️ Requires compliance with browser policy changes

AdThrive (Raptive)

A premium network with deep advertiser relationships across lifestyle, tech, and finance. Best suited for authoritative publishers with mostly US traffic.

Visit site →
  • ✅ High RPMs and strong direct-sold campaigns
  • ✅ Includes video player, header bidding, and reader surveys
  • ⚠️ Requires 100K monthly pageviews with 50%+ US readers
  • ⚠️ Strict brand safety and content guidelines

SheMedia

Targets female-led audiences with campaigns from top lifestyle advertisers. Provides sponsored content opportunities alongside display revenue.

Visit site →
  • ✅ Inclusive community events and brand collaborations
  • ✅ Support for audio, video, and newsletter sponsorships
  • ⚠️ Needs 20K monthly sessions and majority female audience
  • ⚠️ Focused on English-language content

Choosing the Right Mix

Instead of relying on a single network, combine monetization levers to stabilize revenue:

  • Display ads: Pair AdSense with Media.net or Ezoic to fill inventory.
  • Affiliate links: Promote niche-specific products alongside ads.
  • Sponsored posts: Pitch brands once your traffic meets advertiser thresholds.
  • Digital products: Offer e-books, templates, or premium newsletters.

How to Prepare a Strong Application

Eligibility Checklist

  • Publish at least 30–40 high-quality, original articles.
  • Maintain clear navigation, About, Contact, and Privacy Policy pages.
  • Ensure 50–60% of traffic matches the network’s target geography.
  • Keep site speed scores above 70 on mobile and desktop.

Application Tips

  1. Collect screenshots of Google Analytics (last 30 days, traffic sources).
  2. Highlight popular posts and engagement metrics in your pitch.
  3. Disclose existing monetization partners upfront.
  4. Follow up after seven days with a polite status email if needed.

Payment Timelines and Thresholds

Network Threshold Frequency Payout Methods
Media.net $100 Net-30 Wire, PayPal
Ezoic $20 Net-30 PayPal, Payoneer, bank transfer
Mediavine $25 Net-65 ACH, PayPal, Payoneer
PropellerAds $5 Weekly PayPal, Payoneer, wire, Skrill
AdThrive (Raptive) $25 Net-45 ACH, wire, PayPal

RPM Optimization Checklist

During Setup

  • Place ads above the fold, in-content, and at the end of articles.
  • Enable lazy loading and defer non-critical scripts.
  • Use responsive ad units for mobile and tablet devices.
  • Test header bidding or mediation to increase demand.

Monthly Maintenance

  • Monitor Core Web Vitals—particularly CLS and LCP.
  • Review RPM by device, geography, and page type.
  • Optimize top-earning posts with updated keywords and CTAs.
  • Split-test ad density to balance UX and revenue.

FAQ

Can I use multiple ad networks at the same time?

Yes. Many publishers run Media.net alongside AdSense or use Ezoic’s mediation feature to test different partners. Check each network’s policy to avoid exclusivity conflicts.

Which network pays the fastest?

PropellerAds releases payments weekly once you hit $5. Media.net and Ezoic pay net-30, while Mediavine and AdThrive pay net-65.

Will switching networks hurt SEO?

No. Ad networks do not affect Google rankings directly. Focus on ad layout, page speed, and Core Web Vitals to maintain user experience.

Next Steps

  • Audit your traffic location and niche before applying.
  • Test networks for at least 30 days to gather reliable RPM data.
  • Continue creating evergreen content—advertisers pay more for quality audiences.
Blogger blogging
Read