retrocoder.se

Login

My setup of a VPS - Part 1

Posted 2016-10-02 20:09:03

For about a year the retrocoder.se site has been running on a virtual private server (VPS). I wanted to try a VPS to learn more about the administration and setup of a linux webserver. Also having an VPS gives me more control of what is actually running on the server. Another benefit is that the website gets a fixed and unique ip address, which means it would be possible to secure it with a SSL certificate.

So when I had the chance to try a VPS to a very low cost, I migrated the site to a new server. The server has been running great and a year has passed. Some time ago I realized that if I wanted to continue with my current service provider the cost for the next year would rise considerably.

So my search for a new VPS service started. One good place to look is over at lowendbox.com. There I found a new service provider with the cost and service that fits my needs. Hopefully this will be a more permanent solution, I would not like to migrate the site once again a year from now.

Anyway, after ordering a VPS with a minimal Centos 7 installation I was ready to setup the new server for retrocoder.se. When I started the work I made backups from the existing server, but realized I hadn't really documented how I set up the VPS a year ago. So to be able to make an easier migration next time, if that should be, I decided that I should write down the steps. Also I realized the maybe this documentation can be of use to someone else setting up a small webserver. So that will be the subject of the next few articles.

What will be described here is a pretty standard LAMP installation running on Centos 7. As you probably know LAMP as an accronym for Linux, Apache, MySQL and PHP. I will use Centos 7 linux, the Apache webserver and the MySQL server will be MariaDB.
I also run an email server on the VPS and that setup will be described in a separate article.

But now let's get to work and setup the new VPS

Admin user for the VPS

When the VPS is created by the service provider a root account is created. However I will not use the root account but setup a new user with the proper rights to do the administration of the VPS.

Steps to create an admin user

  • Login via SSH as root
  • Install sudo
    In the minimal install of Centos 7, the sudo program in not installed. This is the tool that is used to give administrative powers to a user. It is installed with the following command.
    yum install sudo
  • Create new user
    To create a new user and set the password, enter the following commands: (replace $USERNAME with the login name for the new user.
    useradd $USERNAME
    passwd $USERNAME
  • Make user a superuser
    For the user to be able to do administrative tasks, the user must be able to use the sudo command, i.e. become a sudoer. This can be accomplished in several ways, but a common way is to add the user to the wheel group. The group of administrators are called wheel on Centos, but may be called something else in other linux's.
    Enter the following command:
    usermod -a -G wheel $USERNAME

    Adding the user to the wheel group can be done also with useradd -G wheel $USERNAME and then the usermod command above can be skipped.

  • Logout and login as the new superuser
  • Disable root login
    It is a good practice to disable login with the root account as soon as another administrator account has been created. This is done with the following two steps.
    Disable root login shell:
    sudo usermod -s /sbin/nologin root
    Disable SSH login:
    Edit the sshd_config_file, if you use vi it is done with the following command.
    sudo vi /etc/ssh/sshd_config
    In the sshd_config file find (or add) the row with PermitRootLogin and set to no. Then the sshd service needs to be restarted.
    sudo systemctl restart sshd

This were all the preparation steps needed to setup the VPS. Now we are ready to continue with the installation of the Apache webserver and that will be the subject in the next article.

//retrocoder