Basic Ubuntu Setup Before Building A Working Server

Monday, August 1st 2016. | how to

#howto ,#tutorial #VPS – Basic Ubuntu Setup Before Building A Working Server – This tutorial explains step by step guide (with pics) about Basic Ubuntu Setup Before Building A Working Server

This tutorial is one of basic guide series. In this page you’ll see first things you have to do on Ubuntu server before you really build and setup a working web server to host your files and databases in it. Shortly, these steps are initial setup you should apply on Ubuntu even before you install Apache, Nginx, MySQL, PHP5 and any stack you wish.

In this post I assume you’ve just purchased a fresh either VPS or Dedicated server with Ubuntu OS running on it. It means you have already had your server’s IP and root password.

You may not follow steps below as your server will still work without applying these steps but I believe if you follow all of these, your server will at least has a basic security setup.

1. Login to Server as Root

You can either use Terminal on your Linux or Mac computer. But if you are like me running Windows, read my previous guide about how to use Putty to login to a server via SSH connection.

2. Change Default Root Password

My playground server is created with automatically generated root password emailed to me once the server was created. If your server is just similar as mine, then you should do this step: changing default root password. You may not do this if you’ve defined the root password during OS install.

Q: How to change default root password?
A: use following command:

passwd

p.s: Then you have to enter the new password twice. Upon typing your new password you may not see it on screen.

change root password

3. Create New User To Login To Your Server

root is default user with all admin privileges. All new servers have the same default admin username which is “root” so hackers can simply force to crack the password since they already knew there is always a user called “root” there. Hence, it is very recommended for each server admin to add additional users to login and to disable root login as well. Here’s how to add new user:

adduser newusername

you’ll then have to define new password for that user. After that simply hit Enter several times leaving the questions blank.

example:

adduser sawiyati

add user

4. Add Root Privileges To That New User

Now you’ve added new user. The next step to do is adding root privileges to that user. And here’s how to make it done.

visudo

The Nano editor screen will appear. Now find / locate “#user privilege specification” then add following line:

newusername  ALL=(ALL:ALL) ALL

which in this example is:

sawiyati  ALL=(ALL:ALL) ALL

Once done, hit Control+O to save then Control+X to exit Nano editor.

add sudo privilege

5. Change SSH Default Port

Normally and commonly, new server created should use port 22 for its SSH connection. That’s making your servers vulnerable to get hacked via brute-force mechanism since the attackers already knew that there is a user called “root” and the port used for accessing SSH is 22. Hence, it is strongly recommended for you to change that default port. And here’s how..

nano /etc/ssh/sshd_config

then find this section

# What ports, IPs and protocols we listen for
Port 22

you can change Port 22 to any number between 1025 and 65536. In this example I will use port 22000. Please note down or remember the new port you defined as if you forget it, you’ll not be able to login to your server.

Port 22000

change port 22

also find and change “PermitRootLogin” from Yes to No.

no root login

Once done, scroll down the screen and navigate to the very bottom then add following to allow login using your new username:

UseDNS no
AllowUsers newusername

example:

UseDNS no
AllowUsers sawiyati

add user login

That’s it. Now hit Cntrl+O to save then Cntrl+X on your keyboard to exit Nano editor screen.

6. That’s all. Now reload SSH

You’ve made several changes as above. Now it is time to apply your changes by reloading SSH. To do that, simply use this command:

reload SSH

reload ssh

7. Give It A Test

To make sure all things you set up correctly, lets give it a test. Remember, do not close current SSH client or Terminal window. Launch another Terminal window or open another instance of Putty. I recommend you to use Multi-Tabbed Putty. Then login with new credentials; new port number, new username and new password but still the same IP or Host name.

new ssh login

That’s all and congratulation. You’ve set all basic requirements to setup a working server. Now you can proceed to install any stack you wish like LAMP. However, once you’ve already created a working live server to host your sites, you may still need to add other protection mechanism. We’ll discuss that ahead one I finished posting all articles about basic guides. Cheers..

This post Basic Ubuntu Setup Before Building A Working Server is part of ServerMom.

Source link