I am able to setup Linux VPS servers as I need them, I wasn’t always able to. I find this resource quite useful – It has spent a few years sitting as a txt file on my messy (but organized) desktop.
I want to say a big Thank You! and shout-out to Riaan Nolan – who spent many hours of his own time, trying to teach me sysadmin things. One of the coolest people I know!
Let’s get started:
1. Order a Linux VPS
I typically order my Linux VPS servers with Ubuntu OS.
Once your order is ready, you will receive an IP address and a root password. Some servers may also provide non-standard SSH port numbers.
Your details should look something like this:
Server IP: 123.88.8.888
Username: root
Password: *These details allow you to SSH into the Linux server via the command line.
2. SSH into the Linux VPS
Open your terminal (or Command Prompt on Windows) and type:
ssh [email protected]You will use the details that the web host has provided. Not the details above that I have used as an example.
Once logged in (as root), you want to run the following update:
apt-get updateand then, the following upgrade:
apt-get upgradeCreate a New User
Let’s create a new user and set that user a password. This user can be anything (other than root).
useradd john
passwd johnObviously you’ll need to store the password safely. I recommend this password generator tool.
3. Configure the New User
Let’s check out the password config file.
nano /etc/passwdSome servers do not have nano installed or setup as the default text editor. If this is the case you need to simply install it:
apt-get install nano Going back to the password config file, here you want to make sure that the user you have created runs on bash, and not sh.
john:x:1000:1000::/home/john:/bin/shShould be:
john:x:1000:1000::/home/john:/bin/bashIf you’ve made that change, you’ll need to save your file, and exit nano. Usually Ctrl + X will ask you if you want to save the changes, you want to confirm with a Shift + Y. Your changes have now been automatically saved.
If you would like to confirm these changes, you can view the contents of the file by:
cat /etc/passwdCreate a Home Directory for the User
Next, let’s navigate to the home directory, so that we can create the new user’s own directory.
cd /home
mkdir johnYou would want to give the user john permissions for this directory – only john.
chown john:john john -RChown and chmod are very VERY dangerous commands, especially when used in conjunction with -R (recursively). It’s very easy to make a mistake, and target the root directory recursively. Next thing your server is inaccessible and broken. This has happened to me before, this has happened to web developers that I’ve worked with.
Moving along, we have now created a user, set a password, created a directory for that user in the home dir, and set permissions for that directory.
4. Log in as the New User
Let’s log out of the server, and log back in as the user (not root).
To log out of the server, type:
exitNow, let’s log in again:
ssh [email protected]Then provide the password you set. Hopefully you’ve stored it safely.
You should now be logged in as user john, and your default location should be /home/john/
From here you can jump directly to the root user by using the following command:
sudo -iYou will be prompted for the root user’s password. You can go ahead and input it.
5. Install Apache
Now that the basics are set up, let’s install Apache to serve web pages. Start by updating the package list:
sudo apt-get updateThen install Apache:
sudo apt-get install apache2Once installed, start the Apache service:
sudo systemctl start apache2Enable Apache to start on boot:
sudo systemctl enable apache2Check that Apache is running:
sudo systemctl status apache2You can now verify the installation by visiting your server’s IP address in a web browser (e.g., http://123.88.8.888).
6. Secure the Server
Securing your server is critical to protecting it from unauthorized access and attacks. Let’s configure some essential security measures:
Firehol (Advanced Firewall)
If you need a more advanced firewall configuration, you can use Firehol. Firehol allows you to write more complex firewall rules in a simpler syntax. Install Firehol with:
sudo apt-get install fireholEdit its configuration file to define your firewall rules:
sudo nano /etc/firehol/firehol.confHere’s a simple example of a Firehol configuration:
version 6
interface eth0 internet
server "http https" accept
client all acceptSave the file and start Firehol:
sudo firehol startEnsure Firehol starts on boot:
sudo systemctl enable fireholInstall Fail2Ban
Fail2Ban helps protect your server by blocking IP addresses that show malicious behavior, such as repeated failed login attempts. Install it with:
sudo apt-get install fail2banStart and enable the service:
sudo systemctl start fail2ban
sudo systemctl enable fail2banFor basic protection, Fail2Ban works out of the box. However, you can customize its configuration by editing the jail file:
sudo nano /etc/fail2ban/jail.localAfter making changes, restart the service:
sudo systemctl restart fail2ban7. Install PHP and MySQL
Install PHP:
sudo apt-get install php libapache2-mod-php php-mysqlInstall MySQL:
sudo apt-get install mysql-serverConclusion
It is as easy as that! You now have your VPS up and running, with the very basics installed.
In the future, I will dive a bit deeper into setting up a website with an SSL certificate.
