Setup A Linux Vps Website Ssh Setup A Linux Vps Website Ssh

How to Setup a Linux VPS running Apache

I am able to setup Linux VPS servers as I need them, I wasn’t always able to. I find this resource quite useful – It has spent a few years sitting as a txt file on my messy (but organized) desktop.

I want to say a big Thank You! and shout-out to Riaan Nolan – who spent many hours of his own time, trying to teach me sysadmin things. One of the coolest people I know!

Let’s get started:

1. Order a Linux VPS

I typically order my Linux VPS servers with Ubuntu OS.

Once your order is ready, you will receive an IP address and a root password. Some servers may also provide non-standard SSH port numbers.

Your details should look something like this:

Server IP: 123.88.8.888
Username: root
Password: *

These details allow you to SSH into the Linux server via the command line.

2. SSH into the Linux VPS

Open your terminal (or Command Prompt on Windows) and type:

ssh [email protected]

You will use the details that the web host has provided. Not the details above that I have used as an example.

Once logged in (as root), you want to run the following update:

apt-get update

and then, the following upgrade:

apt-get upgrade

Create a New User

Let’s create a new user and set that user a password. This user can be anything (other than root).

useradd john
passwd john

Obviously you’ll need to store the password safely. I recommend this password generator tool.

3. Configure the New User

Let’s check out the password config file.

nano /etc/passwd

Some servers do not have nano installed or setup as the default text editor. If this is the case you need to simply install it:

apt-get install nano 

Going back to the password config file, here you want to make sure that the user you have created runs on bash, and not sh.

john:x:1000:1000::/home/john:/bin/sh

Should be:

john:x:1000:1000::/home/john:/bin/bash

If you’ve made that change, you’ll need to save your file, and exit nano. Usually Ctrl + X will ask you if you want to save the changes, you want to confirm with a Shift + Y. Your changes have now been automatically saved.

If you would like to confirm these changes, you can view the contents of the file by:

cat /etc/passwd

Create a Home Directory for the User

Next, let’s navigate to the home directory, so that we can create the new user’s own directory.

cd /home
mkdir john

You would want to give the user john permissions for this directory – only john.

chown john:john john -R

Chown and chmod are very VERY dangerous commands, especially when used in conjunction with -R (recursively). It’s very easy to make a mistake, and target the root directory recursively. Next thing your server is inaccessible and broken. This has happened to me before, this has happened to web developers that I’ve worked with.

Moving along, we have now created a user, set a password, created a directory for that user in the home dir, and set permissions for that directory.

4. Log in as the New User

Let’s log out of the server, and log back in as the user (not root).

To log out of the server, type:

exit

Now, let’s log in again:

ssh [email protected]

Then provide the password you set. Hopefully you’ve stored it safely.

You should now be logged in as user john, and your default location should be /home/john/

From here you can jump directly to the root user by using the following command:

sudo -i

You will be prompted for the root user’s password. You can go ahead and input it.

5. Install Apache

Now that the basics are set up, let’s install Apache to serve web pages. Start by updating the package list:

sudo apt-get update

Then install Apache:

sudo apt-get install apache2

Once installed, start the Apache service:

sudo systemctl start apache2

Enable Apache to start on boot:

sudo systemctl enable apache2

Check that Apache is running:

sudo systemctl status apache2

You can now verify the installation by visiting your server’s IP address in a web browser (e.g., http://123.88.8.888).

6. Secure the Server

Securing your server is critical to protecting it from unauthorized access and attacks. Let’s configure some essential security measures:

Firehol (Advanced Firewall)

If you need a more advanced firewall configuration, you can use Firehol. Firehol allows you to write more complex firewall rules in a simpler syntax. Install Firehol with:

sudo apt-get install firehol

Edit its configuration file to define your firewall rules:

sudo nano /etc/firehol/firehol.conf

Here’s a simple example of a Firehol configuration:

version 6

interface eth0 internet
server "http https" accept
client all accept

Save the file and start Firehol:

sudo firehol start

Ensure Firehol starts on boot:

sudo systemctl enable firehol

Install Fail2Ban

Fail2Ban helps protect your server by blocking IP addresses that show malicious behavior, such as repeated failed login attempts. Install it with:

sudo apt-get install fail2ban

Start and enable the service:

sudo systemctl start fail2ban
sudo systemctl enable fail2ban

For basic protection, Fail2Ban works out of the box. However, you can customize its configuration by editing the jail file:

sudo nano /etc/fail2ban/jail.local

After making changes, restart the service:

sudo systemctl restart fail2ban

7. Install PHP and MySQL

Install PHP:

sudo apt-get install php libapache2-mod-php php-mysql

Install MySQL:

sudo apt-get install mysql-server

Conclusion

It is as easy as that! You now have your VPS up and running, with the very basics installed.
In the future, I will dive a bit deeper into setting up a website with an SSL certificate.