Step 1 — Log in as root
ssh root@your_server_ipStep 2 — Create a new user
Because of the heightened privileges of the root account, you are discouraged from using it on a regular basis. Let’s set up a new user account with reduced privileges for day-to-day use.
adduser userdudeYou will be asked a few questions, starting with the account password.
Step 3 — Grant administrative privileges to the new user
usermod -aG sudo userdudeStep 4 — Set up a basic firewall
Ubuntu 20.04 servers can use the UFW firewall to make sure only connections to certain services are allowed. We can set up a basic firewall very easily using this application.
UFW is installed by default on Ubuntu. If it has been uninstalled for some reason, you can install it with sudo apt install ufw.
We need to make sure that the firewall allows SSH connections so that we can log back in next time. We can allow these connections by typing:
ufw allow OpenSSHAfterwards, we can enable the firewall by typing:
ufw enableBecause A2 Hosting uses an alternative port for SSH, you’ll may need to input something like the following:
iptables -A INPUT -p tcp -m tcp --dport 7822 -j ACCEPTTo test that everything worked, log out and log back in using the new user you set up.
Step 5 — Install Apache and update the firewall
sudo apt update
sudo apt install apache2Adjust your firewall settings to allow HTTP traffic
sudo ufw allow "Apache Full"Test everything by going to http://your_server_ip in a browser. You should see something like this:
Step 6 — Managing the Apache process
Now that you have your web server up and running, let’s go over some basic management commands using systemctl.
To stop your web server, type:
sudo systemctl stop apache2To start the web server when it is stopped, type:
sudo systemctl start apache2To stop and then start the service again, type:
sudo systemctl restart apache2If you are simply making configuration changes, Apache can often reload without dropping connections. To do this, use this command:
sudo systemctl reload apache2By default, Apache is configured to start automatically when the server boots. If this is not what you want, disable this behavior by typing:
sudo systemctl disable apache2To re-enable the service to start up at boot, type:
sudo systemctl enable apache2Apache should now start automatically when the server boots again.
Step 7 — Install MySQL
sudo apt install mysql-serverWhen the installation is finished, it’s recommended that you run a security script that comes pre-installed with MySQL. This script will remove some insecure default settings and lock down access to your database system. Start the interactive script by running:
sudo mysql_secure_installationCreate MySQL user and database
As you have connected to the MySQL server on command line. Your database server is ready to use for your applications to store data.
sudo mysqlCREATE DATABASE mydb;
CREATE USER 'myuser'@'localhost' IDENTIFIED by 'Pa$$w0rd';
GRANT ALL on mydb.* to 'myuser'@'localhost';
FLUSH PRIVILEGES;Set up remote access
We need to make sure we can connect from the outside.
sudo vim /etc/mysql/mysql.conf.d/mysqld.cnfFind the line that has the following:
bind-address = 127.0.0.1 Replace 127.0.0.1 with your server’s IP address.
Using the database we just created, let’s setup a remote user:
CREATE USER 'remote_myuser'@'%' IDENTIFIED by 'Pa$$w0rd';
GRANT ALL on mydb.* to 'remote_myuser'@'%';
FLUSH PRIVILEGES;Next, open up connections to the sql port:
sudo ufw allow from your_ip_address to any port 3306 If you want to open up all IP addresses (don’t do this if you’re keeping any sensitive data)
sudo ufw allow 3306Step 8 — Install PHP
PHP is used by 78% of websites and is required for applications like Laravel and WordPress.
sudo apt install php php-common libapache2-mod-php php-xml php-gd php-opcache php-mbstring php-tokenizer php-json php-bcmath php-zip unzip php-mysql php-curl php-xml php-xmlrpc php-soap php-intlTest that everything is in place:
php -vPHP 7.4.3 (cli) (built: Oct 6 2020 15:47:56) ( NTS )
Copyright (c) The PHP Group
Zend Engine v3.4.0, Copyright (c) Zend Technologies
with Zend OPcache v7.4.3, Copyright (c), by Zend Technologies Step 9 — Create a Virtual Host for your Website
When using the Apache web server, you can create virtual hosts to encapsulate configuration details and host more than one domain from a single server.
Create a simple webpage
Create dedicated folders for your new website.
sudo mkdir -p /var/www/website.comNext, assign ownership of the directory with the $USER environment variable, which will reference your current system user:
sudo chown -R $USER:$USER /var/www/website.comCreate a landing page:
vim /var/www/website.com/index.html<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Website.com</title>
<meta name="description" content="Website.com Homepage">
<meta name="author" content="Your Name">
</head>
<body>
This is the index page of website.com, welcome!
</body>
</html>Add the new website to virtual hosts
sudo vim /etc/apache2/sites-available/websites.com.conf<VirtualHost *:80>
ServerName website.com
ServerAlias www.website.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/website.com
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>You can now use a2ensite to enable the new virtual host:
sudo a2ensite website.comYou might want to disable the default website that comes installed with Apache. This is required if you’re not using a custom domain name, because in this case Apache’s default configuration would overwrite your virtual host. To disable Apache’s default website, type:
sudo a2dissite 000-defaultTo make sure your configuration file doesn’t contain syntax errors, run:
sudo apache2ctl configtestFinally, reload Apache so these changes take effect:
sudo systemctl reload apache2You should now be able to navigate to website.com and see your beautiful landing page.