I’m trying out A2 Hosting’s unmanaged virtual private solution for my web hosting solution. The draw of this option is that it provides a barebones VPS at a low cost. The catch (or opportunity depending on how you look at it) is that you’re in charge of setting everything up. Here are the steps I took to get everything set up.
Start by SSHing into your new server. For right now, you can only login as root.
Create a new user
This example creates a new user called
userdude, but you should replace it with any username that you prefer:
Next, set a strong password for the
Now, set the new user to be an admin. To add these privileges to our new user, we need to add the new user to the
wheel group. By default, on CentOS 8, users who belong to the
wheel group are allowed to use the
usermod -aG wheel userdude
Setting Up a Firewall
Before we get too far, let’s setup a basic firewall.
dnf install firewalld -y
A2 changes the default port for SSH, so we will want to allow the custom SSH port
sudo firewall-cmd --zone=public --add-port=7822/tcp --permanent
Start the firewall and check the status to makes sure everything is running smoothly
systemctl start firewalld
systemctl status firewalld
Add HTTP and HTTPS to be allowed by the firewall
firewall-cmd --permanent --add-service=http firewall-cmd --permanent --add-service=https
sudo dnf install httpd
Start up Apache.
systemctl start httpd
You should now be able to navigate to your server’s IP address in a web browser and see the default Apache webpage.
Basic Apache Commands
To stop your web server, type:
sudo systemctl stop httpd
To start the web server when it is stopped, type:
sudo systemctl start httpd
To stop and then start the service again, type:
sudo systemctl restart httpd
If you are simply making configuration changes, Apache can often reload without dropping connections. To do this, use this command:
sudo systemctl reload httpd
By default, Apache is configured to start automatically when the server boots. If this is not what you want, disable this behavior by typing:
sudo systemctl disable httpd
To re-enable the service to start up at boot, type:
sudo systemctl enable httpd
Setting Up PHP
Let’s start by installing PHP
My server had 7.3 available, but I wanted to use 7.4. You can check this with the following command:
sudo dnf module list php
If you do not see 7.4 listed, you will need to add the Remi repository. Remi, a third-party repository which offers multiple versions of PHP (7.4 / 7.3 / 7.2) for Red Hat Enterprise Linux.
sudo rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo dnf install -y https://rpms.remirepo.net/enterprise/remi-release-8.rpm
Enable everything with the following command:
sudo dnf module enable php:remi-7.4 sudo dnf install -y php php-bcmath php-mcrypt php-pdo php-xml php-tokenizer php-mysqlnd php-pecl-xdebug php-gd php-intl php-zip php-opcache sudo systemctl restart httpd
Run the following command to install the
mysql-server package and a number of its dependencies:
sudo dnf install mysql-server
Start up MySQL and enable it to start on startup
sudo systemctl start mysqld.service sudo systemctl enable mysqld
This will take you through a series of prompts asking if you want to make certain changes to your MySQL installation’s security options. The first prompt will ask whether you’d like to set up the Validate Password Plugin, which you can use to test the strength of your MySQL password.
Once you have everything answered and ready to go, test it out:
mysqladmin -u root -p version
If you’re like me, you disabled root remote access. You’ll now have to create a new user to access mysql.
mysql -u root -p CREATE USER 'newuser'@'%' IDENTIFIED BY 'user_password'; GRANT ALL PRIVILEGES ON database_name.* TO 'database_user'@'%';
Update the firewall to allow remote access to MySQL
sudo firewall-cmd --zone=public --add-port=3306/tcp --permanent sudo firewall-cmd --reload
A2 didn’t require any additional configuration for remote MySQL, but your milage may vary.
Creating a virtual host file on CentOS 8
If you’re like me, you’ll be using your fancy new VPS to host multiple websites. This is where virtual hosts comes in. Let’s set one up.
Create a simple webpage
Create dedicated folders for your new website.
sudo mkdir -p /var/www/website.com/site
Make sure to create a file in order to store the log files of your website.
sudo mkdir -p /var/www/website.com/log
Create your first HTML page
cd /var/www/website.com/site sudo vim index.html
<!doctype html> <html lang="en"> <head> <meta charset="utf-8"> <title>Website.com</title> <meta name="description" content="Website.com Homepage"> <meta name="author" content="Your Name"> </head> <body> This is the index page of website.com, welcome! </body> </html>
Setup the .conf files
Second, create a
sudo mkdir -p /etc/httpd/sites-enabled /etc/httpd/sites-available
Now that your folders are created, edit your default Apache configuration and find the following line.
sudo vim /etc/httpd/conf/httpd.conf # Load config files in the "/etc/httpd/conf.d" directory if any IncludeOptional conf.d/*.conf
Add this line below:
Now that your Apache Web Server configuration is updated, create a virtual host file for your “website.com” website.
sudo vim /etc/httpd/sites-available/website.com.conf
Paste the following configuration in it.
<VirtualHost *:80> ServerName website.com ServerAlias www.website.com DocumentRoot /var/www/website.com/site ErrorLog /var/www/website.com/log/error.log CustomLog /var/www/website.com/log/requests.log combined </VirtualHost>
Save your file, and make sure that your configuration is okay by running the following command.
$ sudo apachectl configtest Syntax OK
Now, your website won’t be directly available just by restarting your Apache Web server, it needs to be located in the sites-enabled folder.
To link it to the sites-enabled directory, create a symbolic link using this command.
$ sudo ln -s /etc/httpd/sites-available/website.com.conf /etc/httpd/sites-enabled/website.com.conf
Update your SELinux firewall rules
By default, SELinux is configured to work with default Apache configuration folders. However, I did not have it working correctly. I was able to remedy that here.
As you created custom ones, you need to enable them in SELinux.
In order for the Apache Web Server to start correctly, you need to modify your Apache policy to include custom log directories.
To enable custom directories, run the following command
$ sudo setsebool -P httpd_unified 1
Restart your Apache server
Now that everything is correctly set up, it is time for you to restart your server to see your changes.
$ sudo systemctl restart httpd