Setup a Ubuntu Server

(a Idiots guide to running a linux based web server)

this guide will make your server both secure and easy to administer

1. Droplet with LAMP Stack (Linux, Apache, MySQL and PHP)

Go to DigitalOcean
Create a account
Select Size
Select Region
Select Image
Applications
LAMP on Ubuntu 14.04

2. Set mysql “root” Password and secure it

  • mysqladmin -u root -p'password' password newpassword
  • /usr/bin/mysql_secure_installation

3. Add a Web User

  • adduser webuser
  • usermod -a -G www-data webuser
  • chgrp -R www-data /var/www
  • chmod -R 770 /var/www
  • ln -s /var/www /home/webuser/www

Now you can login with webuser using
a sftp client like Filezilla (use port 22)
and you have access to www files

4. Adminer (Optional)

Web based MySQL administration

  • sudo apt-get install adminer
  • sudo servie apache2 restart

You can now login with mysql root/password
http://yoursite.com/adminer

5. Monitoring (Optional)

vnstats lets you monitor daily/monthly bandwidth usage

  • apt-get install vnstat

nethogs is a realtime monitor for ethernet traffic

  • apt-get install nethogs

Glances is a system monitor for your GNU/Linux or BSD operating system from console

  • sudo apt-get install python-pip build-essential python-dev
  • sudo pip install Glances
  • sudo pip install PySensors

6. Secure the system

  • adduser your_username
  • echo "your_username ALL=(ALL:ALL) ALL" >> /etc/sudoers

Now you can run root commands by adding sudo before
the command you want to run like sudo apt-get install
use your user password

*disaster sudo recovery

  • Go to Droplets > Access > Console Access
  • logout
  • login as root
  • nano /etc/sudors <- modify it

7 Disable root login

  • nano /etc/ssh/sshd_config
  • change PermitRootLogin yes to PermitRootLogin no
  • sudo service ssh restart

now login as your_username and run sudo before every command
if you want to become root again run
sudo su

wiak // http://nwgat.net