
Basically, following our guides like how to install WordPress on Ubuntu 16.04 LTS demands some idea about using server from SSH screen. Day by day cost of cloud of cloud server becoming lesser and lesser. At $7 per month, you’ll get VPSDime virtual server with 6GB RAM per instance, at 1 Euro per month you’ll get Aruba Cloud virtual server with 1GB RAM per instance, at $5 per month you’ll get Linode. There are lot of trusted services. Shared hosting really not practical today. But using a blank server demands some basic idea from guide. Here is a detailed, easy, mandatory to follow step by step initial cloud server setup for the new users which can be used for any web host and will serve the purpose. Most of these cloud hosts provide managed service (except for network), which simply means they’ll not configure server for you.

Step By Step Initial Cloud Server Setup For The New Users

Cloud Servers and Virtual Servers are really easy compared to dedicated server. We use SSH to login, install software and perform all works. SSH is few decades old text only interface and that is how all professional servers are remotely managed. You can read this article if you want to learn what is the difference between desktop operating system and server operating system.



SSH Client On Your Desktop/Laptop

Advertisement ---

You need some software to SSH to your server. If you are Mac or Linux desktop/laptop user, you have already installed Terminal application. You simply need to launch the application, correctly type commands in guides and hit enter key. In case you are Microsoft Windows desktop/laptop user, you need a software named PuTTY. After login, PuTTY is similar like Terminal. Of course for Mac or Linux desktop/laptop user, there are other applications to SSH. There are SSH client applications for Android, iOS too but they are better for a used compared to a new user.



Creating First Cloud Server Instance On Your Web Hosting Account

Depending on Web Host, you may have to select easy graphical web GUI menus to create/launch your first cloud server instance or the web host will create for you after your order. In either case, you possibly select latest Ubuntu as Linux distribution for your server as it is very easy compared to professionally used CentOS or REHL. You will get an username, which is root , an IPv4 address (like 100.11.121.200 ) and a password. After your server is ready to use, you will launch the SSH Client (that means Terminal or PuTTY) from your desktop/laptop. This is your starting of accessing your server. That IP 100.11.121.200 is what you can access your server from browser after basic configuration.

During the learning phase, you can always “reset” your cloud server to this “default” condition. But after your huge work on SSH, your server settings and steps are better to write somewhere like on any text editor, which is primitive but effective way to start using servers.



Server, IP and Domain Name

If you have a domain name like thecustomizewindows.com , you need a DNS service like from your web host or free DNS service like from Hurricane Electric or paid DNS service like Dyn to point your domain towards your IP ( like 100.11.121.200 ) as A Name entry with least time to live settings (initial settings for fast work). That DNS service provider will give you minimum two URLs looking like ns1.example.com , ns2.example.com which are known as Name Servers. From your domain name registration service, you will add those Name Servers against your domain name.

Of course, these three services can be from one company or 3 separate companies. We recommend to use 3 separate companies for more control and higher security. Like it is painful for you to manage 3 accounts, it is painful to the hackers to easily control your domain!



SSH To Your Server

Microsoft Windows PuTTY users will follow PuTTY guide to login to server. Mac or Linux desktop/laptop user will simply type the bellow command on Terminal application and hit Enter key :

ssh root@your-IP-addresss 1 ssh root @your - IP - addresss

You should replace your-IP-addresss with real IP address like 100.11.121.200 . Press enter and the server will ask the password. Type or copy paste password and hit Enter key. You’ll be greeted with a text like this :

Welcome to Ubuntu 16.04.2 LTS (GNU/Linux 2.6.32-042stab120.16 x86_64) 1 Welcome to Ubuntu 16.04.2 LTS ( GNU / Linux 2.6.32 - 042stab120.16 x86_64 )

That is like your “desktop” on server. You can run a command to test :

top 1 top

Hit Enter key. You can see your server’s resources. Hit Q key to quit the application. On SSH, we can force quit an application by press holding CTRL (or Command key on Mac) and hitting either Z key or C key or D key or \ key. There is difference between these combinations. Of course you can simply close the SSH window, which usually terminate the running command.

There is an easy text editor on SSH named Nano. Type :

nano test 1 nano test

and hit Enter key. You’ll see nano’s interface. Type something. To save the file hit CTRL (or Command key on Mac) and O key. This will write the file. To exit, CTRL (or Command key on Mac) and X key. We can actually read this file with tools like cat . Type :

cat test 1 cat test

These are enough to know as full new user. To exit current SSH session, type :

exit 1 exit

and hit Enter key. Again you need to SSH to login :

ssh root@your-IP-addresss 1 ssh root @your - IP - addresss

Next Steps For Initial Cloud Server Setup



Update Server

We need to update and upgrade the server (you’ll do it week, if not everyday) :

apt update 1 apt update

Wait till the things end and then type :

apt upgrade 1 apt upgrade

When we say “type this command” or “run this command”, it means type it and hit Enter key.



Configure IPTables Firewall

Now we will make the firewall :

apt install iptables-persistent 1 apt install iptables - persistent

Accept any prompt. After it get installed, run this commands one by one :

echo " " > /etc/iptables/rules.v4 1 echo " " > / etc / iptables / rules . v4

then open the file :

nano /etc/iptables/rules.v4 1 nano / etc / iptables / rules . v4

Copy paste content from my GitHub gist to it and save the file, exit from nano. Check whether things are properly written :

cat /etc/iptables/rules.v4 1 cat / etc / iptables / rules . v4

Now perform a reboot :

reboot 1 reboot

Wait for 5 minutes and SSH to the server. Check whether things are properly present after reboot :

cat /etc/iptables/rules.v4 1 cat / etc / iptables / rules . v4



Create User And Close ROOT SSH Access

Whole earth knows root is user :

ssh root@your-IP-addresss 1 ssh root @your - IP - addresss

We need to close the chance of root user to SSH. Otherwise it is not impossible to match a password by anyone.

We need to add a new user. In the example, we will use the user name myusername . The command adduser will automatically create the user, initial group, and home directory. You should use the user name myusername something difficult to easily guess. Run these commands one by one :

adduser myusername id myusername ls -lad /home/myusername/ 1 2 3 adduser myusername id myusername ls - lad / home / myusername /

Now we will set the user for sudo permission to allow to SSH :

echo 'myusername ALL=(ALL) ALL' >> /etc/sudoers 1 echo 'myusername ALL=(ALL) ALL' >> / etc / sudoers

Type exit to exit the session and run command SSH with that username :

ssh myusername@your-IP-addresss 1 ssh myusername @your - IP - addresss

After login, type :

sudo su 1 sudo su

Now you’ll become root user. Now, we need to close the way for root to SSH. Open this file :

nano /etc/ssh/sshd_config 1 nano / etc / ssh / sshd_config

Find this line :

PermitRootLogin yes 1 PermitRootLogin yes

or

# PermitRootLogin yes 1 # PermitRootLogin yes

Make it look like this :

PermitRootLogin no 1 PermitRootLogin no

save the file. Run these commands :

/etc/init.d/sshd restart sudo service ssh restart 1 2 / etc / init . d / sshd restart sudo service ssh restart

Now run command to exit session :

exit 1 exit

Test run command SSH with root username :

ssh root@your-IP-addresss 1 ssh root @your - IP - addresss



Installing Fail2Ban

This is almost professional grade security to stop the newbie hackers in automatic way. Run :

sudo apt-get install -y fail2ban 1 sudo apt - get install - y fail2ban

Open this file :

nano /etc/fail2ban/jail.conf 1 nano / etc / fail2ban / jail . conf

Change the initial stanza like I have example on Github gist. After the change, run this commands one by one :

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local sudo service fail2ban start sudo service fail2ban restart 1 2 3 cp / etc / fail2ban / jail . conf / etc / fail2ban / jail . local sudo service fail2ban start sudo service fail2ban restart

You’ll periodically run this command to check what the hackers are doing :

cat /var/log/fail2ban.log 1 cat / var / log / fail2ban . log

You’ll get like this :

2017-05-25 08:25:25,667 fail2ban.filter [2043]: INFO [sshd] Found 221.194.47.233 2017-05-25 08:25:25,667 fail2ban.filter [2043]: INFO [sshd] Found 221.194.47.233 2017-05-25 08:25:25,675 fail2ban.filter [2043]: INFO [sshd] Found 221.194.47.233 2017-05-25 08:25:25,675 fail2ban.filter [2043]: INFO [sshd] Found 221.194.47.233 2017-05-25 08:25:25,682 fail2ban.filter [2043]: INFO [sshd] Found 221.194.47.233 2017-05-25 08:25:25,682 fail2ban.filter [2043]: INFO [sshd] Found 221.194.47.233 2017-05-25 08:25:25,852 fail2ban.actions [2043]: NOTICE [sshd] Ban 221.194.47.233 1 2 3 4 5 6 7 2017 - 05 - 25 08 : 25 : 25 , 667 fail2ban . filter [ 2043 ] : INFO [ sshd ] Found 221.194.47.233 2017 - 05 - 25 08 : 25 : 25 , 667 fail2ban . filter [ 2043 ] : INFO [ sshd ] Found 221.194.47.233 2017 - 05 - 25 08 : 25 : 25 , 675 fail2ban . filter [ 2043 ] : INFO [ sshd ] Found 221.194.47.233 2017 - 05 - 25 08 : 25 : 25 , 675 fail2ban . filter [ 2043 ] : INFO [ sshd ] Found 221.194.47.233 2017 - 05 - 25 08 : 25 : 25 , 682 fail2ban . filter [ 2043 ] : INFO [ sshd ] Found 221.194.47.233 2017 - 05 - 25 08 : 25 : 25 , 682 fail2ban . filter [ 2043 ] : INFO [ sshd ] Found 221.194.47.233 2017 - 05 - 25 08 : 25 : 25 , 852 fail2ban . actions [ 2043 ] : NOTICE [ sshd ] Ban 221.194.47.233

Search with that IP address 221.194.47.233 . It is possibly a Chinese Hacker or an American faking as Chinese.



Installing LAMP Server

Fully optional and for testing your domain name or IP via browser. A new users often love to see his/her server really can be used for hosting! Run :

sudo apt-get install lamp-server^ 1 sudo apt - get install lamp - server ^

This is not fine tuned way but easy way to install a PHP MySQL Apache server. If you go to your domain name or IP via browser, you’ll see the default webpage. The default document root for Apache is /var/www/html/ for Ubuntu 16.04. Which is set from :

nano /etc/apache2/sites-available/000-default.conf 1 nano / etc / apache2 / sites - available / 000 - default . conf

You can go to :

cd /var/www/html/ 1 cd / var / www / html /

List files :

ls -al 1 ls - al

You can open the file with nano and change it to get fun. You can fully “reset” the server by reinstalling the OS. Try to install WordPress :

cd /var/www/html/ rm -r * wget https://wordpress.org/latest.tar.gz tar -xzvf latest.tar.gz rm latest.tar.gz cd wordpress mv * .. cd .. rm -r wordpress sudo chown -R myusername:www-data * 1 2 3 4 5 6 7 8 9 10 cd / var / www / html / rm - r * wget https : / / wordpress . org / latest . tar . gz tar - xzvf latest . tar . gz rm latest . tar . gz cd wordpress mv * . . cd . . rm - r wordpress sudo chown - R myusername : www - data *

If you go to your domain name or IP via browser, you’ll see the default setup page of WordPress.

This is where you’ll follow guides like how to install and configure Apache2 on Ubuntu 16.04 or how to install WordPress on Ubuntu 16.04 LTS.

Tagged With

This Article Has Been Shared 601 Times! Pinterest

About Abhishek Ghosh Abhishek Ghosh is a Businessman, Orthopaedic Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.