You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ssh root@SERVER_IP_ADDRESS
adduser demo
# Add the new user to the sudo group
gpasswd -a demo sudo
# Add public key to new remote user
ssh-keygen
nano .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
# Configure SSH
nano /etc/ssh/sshd_config
# Change SSH port# Modify section: "Port 22" to "Port 4444"# Restrict root login# Modify section: "PermitRootLogin yes" to "PermitRootLogin no"# Disable password authentication: change "PasswordAuthentication yes" to "PasswordAuthentication no"# Reload SSH
service ssh restart
ssh -p 4444 demo@SERVER_IP_ADDRESS
[Additional Recommended Steps for New Ubuntu 14.04 Servers] 2
# Allow ssh at port 4444
sudo ufw allow 4444/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# Enable SMTP email at port 25
sudo ufw allow 25/tcp
sudo ufw show added
sudo ufw enable
Configure Timezones and Network Time Protocol Synchronization
# Select the geographic region of the server
sudo dpkg-reconfigure tzdata
# Configure NTP Synchronization
sudo apt-get update
sudo apt-get install ntp
Create a Swap File
# Allocate the space for swap file
sudo fallocate -l 4G /swapfile
sudo chmod 600 /swapfile
# Format the file for swap
sudo mkswap /swapfile
# Tell the system it can use the swap file
sudo swapon /swapfile
# Modify a system file so that the server will do this automatically at boot
sudo sh -c 'echo "/swapfile none swap sw 0 0" >> /etc/fstab'
Take a Snapshot of your Current Configuration
sudo poweroff
[How To Install Linux, Apache, MySQL, PHP (LAMP) stack on Ubuntu 14.04] 3
Install Apache
sudo apt-get update
sudo apt-get install apache2
# To find the server's public IP address
ip addr show eth0 | grep inet | awk '{ print $2; }'| sed 's/\/.*$//'
Install MySQL
sudo apt-get install mysql-server php5-mysql
# Create database directory structure
sudo mysql_install_db
# Run a simple security script that will remove some dangerous defaults and lock down access to the database system a little bit
sudo mysql_secure_installation
Install PHP
sudo apt-get install php5 libapache2-mod-php5 php5-mcrypt
# make Apache look for an index.php before index.html
sudo nano /etc/apache2/mods-enabled/dir.conf
# In "<IfModule mod_dir.c> ... </IFModule>" section, put index.php in front of index.html
sudo service apache2 restart
# Install PHP modules
apt-cache search php5-
apt-cache show php5-cli
sudo apt-get install php5-cli
[Implement fail2ban to Ban Malicious IP Addresses] 6
sudo apt-get install fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
# Configure the defaults in jail.local
sudo nano /etc/fail2ban/jail.local
# Set destemail# Edit ssh port "port=4444"
sudo service fail2ban restart
# See the rules that fail2ban puts in effect within the IP table
sudo iptables -L
Implement an Intrusion Detection System to Detect Unauthorized Entry
Tripwire
Aide
Psad
Bro
RKHunter
[Set Up Apache Virtual Hosts on Ubuntu 14.04 LTS] 8
# Apache comes with a default virtual host file called 000-default.conf that we can use as a jumping off point
sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/example.com.conf
sudo nano /etc/apache2/sites-available/example.com.conf
# Change "ServerAdmin webmaster@localhost" to "ServerAdmin admin@example.com"# Change "DocumentRoot /var/www/html" to "DocumentRoot /var/www/example.com/public_html"# Add "ServerName example.com"# Add "ServerAlias www.example.com"
Enable the New Virtual Host Files
sudo a2ensite example.com.conf
sudo a2ensite test.com.conf
sudo service apache2 restart
[Set Up Email Host with Your Domain on DigitalOcean] 9
Sign Up a Free Account at [Zoho] 10 with Domain Name