Backend & DevOps

L'infrastruttura che
regge tutto.

API robuste, database ottimizzati, server sicuri, deploy senza stress. La spina dorsale invisibile che fa funzionare ogni progetto.

30+Progetti deployati
99.9%Uptime garantito
50+API costruite
0Falle di sicurezza
Competenze

Stack tecnico padroneggiato

Ogni strumento scelto per la ragione giusta — performance, scalabilità o velocità di consegna.

Runtime & Languages

Node.js92%

REST APIs, middleware, WebSockets, Express/Fastify

PHP88%

Pure backend, REST API, cPanel/Apache integration

TypeScript90%

Strict typing, generics, advanced interfaces

Python72%

Automation scripts, Flask API, data processing

Databases

MySQL / MariaDB90%

Complex schemas, indexing, optimized queries

Supabase / PostgreSQL85%

RLS, realtime, auth, storage, edge functions

Prisma ORM88%

Relations, migrations, typed query builder

MongoDB70%

Documents, aggregation, Atlas cloud

Infrastructure & DevOps

Docker82%

Containers, docker-compose, multi-services

Apache / Nginx88%

.htaccess, virtual hosts, proxy, rewrite rules

cPanel / VPS92%

Deployment, DNS, FTP, SSL certificates

Git & CI/CD85%

Git flow, GitHub Actions, auto deployment

Security & Auth

JWT / OAuth287%

Stateless auth, tokens, refresh, roles

HTTPS / SSL / TLS92%

Let's Encrypt certificates, HSTS, CORS

Firewall & WAF80%

iptables rules, fail2ban, DDoS protection

GDPR & CNDP85%

Law 09-08 compliance, T&C, privacy policy

Cosa costruisco

Servizi Backend

01

REST API & GraphQL

Design and development of robust APIs, documented with Swagger. Versioning, rate limiting, pagination.

02

Database Architecture

Complex schema modeling, query optimization, indexing, relations, migrations.

03

Docker & Micro-services

Application containerization, multi-service orchestration, dev/prod environment isolation.

04

Auth & Security

Secure authentication systems — JWT, OAuth2, sessions, RBAC, 2FA, CSRF/XSS protection.

05

Transactional Emails

SMTP, Mailgun, SendGrid — HTML templates, triggered emails, bounce handling.

06

Online Payment

CMI, Stripe, PayPal integration. Webhooks, order confirmation, banking compliance.

07

Deployment & CI/CD

Automated deployment pipeline, rollback, zero-downtime, bash automation scripts.

08

Monitoring & Logs

Uptime monitoring, alerts, centralized logs, server performance dashboards.

09

Backups & Recovery

Daily/weekly auto backup strategy, fast restoration, failure resilience.

Setup Server

Da zero alla produzione in 5 passi

01

Provisioning

VPS/host choice, OS installation, secure SSH access, network and DNS configuration.

02

Stack Setup

Apache/Nginx, PHP/Node.js, MySQL, SSL Let's Encrypt installation, firewall configuration.

03

Deployment

File upload, DB migrations, environment variables, final consistency tests.

04

Hardening

Fail2ban, HSTS, security headers, WAF, vulnerability audit, backup policy.

05

Monitoring

Uptime Robot, email/SMS alerts, log rotation, Grafana dashboards if needed.

Realizzazioni Backend

Progetti in produzione

Event Platform

Full PHP API — online registration, secure payment, participant management, real-time admin dashboard.

PHP REST APIMySQLPayment GatewayCNDP ComplianceApachecPanel
100+Managed users
20+API endpoints
99.9%Uptime

Booking System

Full backend — Prisma ORM + Supabase, real-time availability, automated emails, admin dashboard.

Node.jsPrismaSupabasePostgreSQLViteAuth JWT
15+Units managed
500+API calls/day
95+PageSpeed

Sports App [Confidential]

Multi-service backend — Node.js API for team/match/standings management, PostgreSQL, OAuth2 auth, real-time push notifications.

Node.jsDockerPostgreSQLWebSocketREST APIOAuth2
5Micro-services
40+Endpoints
WSReal-time

Editorial Platform [Confidential]

Supabase backend — editor authentication, article/category/tag management, CDN image upload, granular RLS policies.

SupabasePostgreSQLRLSStorageEdge FunctionsAuth
50+Articles indexed
12RLS policies
WSRealtime
Estratto di codice

Codice pulito,
manutenibile e documentato

api/users.tsTypeScript
// POST /api/users — Secure account creation
export async function createUser(req: Request, res: Response) {
  const { name, email, password, role = 'user' } = req.body;

  if (!name || !email || !password) {
    return res.status(400).json({ error: 'Required fields missing' });
  }

  try {
    const existing = await db.query(
      'SELECT id FROM users WHERE email = ? LIMIT 1',
      [email]
    );
    if (existing.length > 0) {
      return res.status(409).json({ error: 'Email already in use' });
    }

    const hash = await bcrypt.hash(password, 12);

    const result = await db.query(`
      INSERT INTO users (name, email, password_hash, role, created_at)
      VALUES (?, ?, ?, ?, NOW())
    `, [name, email, hash, role]);

    const token = jwt.sign(
      { id: result.insertId, email, role },
      process.env.JWT_SECRET!,
      { expiresIn: '7d' }
    );

    await mailer.send({ to: email, template: 'welcome', data: { name } });

    return res.status(201).json({ success: true, token });

  } catch (err) {
    console.error('[createUser]', err);
    return res.status(500).json({ error: 'Server error' });
  }
}

Hai bisogno di un'infrastruttura solida?

Che si tratti di una API da zero o di un'infrastruttura esistente da rifare, gestisco l'intero backend — dal design al deploy sicuro.

AL.

© 2026 Aymane Limam — Sviluppatore Full-Stack & Esperto SEO