How to setup a Linux server

The setup of a Linux server is the best way to save a lot of money and also to better apprehend your server, its security, the possible glitch, to less depend on the support. It won’t be easy because you will be practically alone, alone to deal with a down server, with hackers, DDoS attacks, with database issues, with corrupted files, alone to do backups, etc… but when you will have mastered a Linux server, you will be very comfortable with the work on your websites.

What Linux distribution to choose ?

The most popular distributions are Ubuntu and Debian. Ubuntu gives us much more results when you search it in Google. However I have to admit that several times, I haven’t found solutions for specific issues with this one. So, I have decided to install Debian on my servers instead. With Debian, I have pratically always been able to resolve the problems that we can encounter with a server. So, I would suggest Debian. The SSH commands are almost the same. Guides for Ubuntu will be compatible with Debian most of the time.

After a fresh installation of a Linux server or VPS (virtual private server) :

1. Update the Linux distribution and change the root password.
2. Setup the Apache web server.
3. Setup the MySQL server.
4. Setup phpMyAdmin.
5. Setup PHP.
6. Setup a FTP server.
7. Add a website in Apache (adds several with virtual hosts).
8. Add a shortcut to phpMyAdmin (in your www/html directory).
9. Setup an editor.
10. Link the ftp sever to virtual hosts.
11. Setup Exim4 (mail module).

– You can use Nginx instead of Apache, but I don’t recommand it as setting virtual hosts (if you want to add several websites) is much more complicated with Nginx. And configuring https with Nginx is also another difficult task as you have to setup packages like php-fpm that requires custom parameters. Personally, I have not been able to work properly with Nginx. You can still try it and later come back to Apache if you failed.
– Replace sendmail with Exim4. Exim4 will make less issues.

Additional setup for advanced cms (vBulletin, phpBB3, WordPress) :

12. Enable mod rewrite (if you want friendly urls).
13. Setup ImageMagick (to attach files to posts).
14. Setup several domain names on one VPS.

Security

15. Setup Fail2Ban.
16. Add shrunk window jail to Fail2Ban.
17. Definitely ban an IP with Fail2Ban.
18. Setup rkhunter.
19. Setup a SSL certificate.
20. Setup logwatch.
21. Setup a RSA key.

Fail2Ban is the best firewall program to ban IP addresses that constantly tries to guess your password. Hacker robots are excellent nowadays, they will find your root password in less than 1000 of tries. It requires some tweaks with addition of jails. The firewall alone is not enough. The hackers will break your server if you don’t setup the SSH RSA key solution, and your web hosting provider will have to close your account as you will get too much abuse reports. Your server will indeed hack other servers due to a malicious code in your Linux folders.
– The SSL certificate is very difficult to install. There is no complete guide on the Web yet for the free SSL certificates like Let’s Encrypt, with the correct configuration of Apache or Nginx. Personally I have failed for the moment. The problem will be that all your https url won’t work if you decide to remove the SSL certificate. You should let it and redirect the internet users to http. But sometimes when you setup https, http doesn’t work anymore. So be aware of that and test it first on a demo server. Be sure when you have the lock to try it deeply, by modifying files on your website, by surfing on it.

Backup :

22. Create backup.sh.

Finally :

23. Point your domain name to the server IP address.

Some how to guides :

Apache.
Backup.
Exim4.
Fail2Ban.
File and folder.
FTP
Group and user.
Iptables.
IPv6.
Nginx.
PHP.
PhpMyAdmin.
Rkhunter.
RSA key.
Sendmail.
Server.
SSH.
SSL.
Other Linux.

Share

Leave a Reply

Be the First to Comment!

Notify of
avatar
wpDiscuz