Linux VPS server – the first steps

Pay your money and get your Linux VPS server

Having decided on Tagadab as my Linux VPS hosting company it was time to get the credit card out and get things  rolling. Once the payment was made I received an email thanking me for my order and they are configuring it and will let me know by email when it complete. A mere six minutes later the email arrived saying it was complete and a link to the control panel login.

Once logged in on the control panel I was able to see the IP address given and the root password.

Then it was a quick ssh from my desktop and I was in. I setup a non privileged user and changed root’s password.

As I had no existing domain name it was out with the credit card again to get a domain name. I used Tagadab to get the domain but you could use anyone.

While I was waiting for the Domain name stuff to be setup it was on with some preparation work.

First I disabled selinux – selinux is an excellent idea but I have had problems in the past with working out why things won’t work and after checking things over and over it was selinux stopping things. On Centos you can use the system-config-securitylevel command to disable selinux and also enable ports on the firewall. I set selinux to disabled , security level enabled and ticked the boxes to enable ssh , http, https and smtp. Reboot the server so selinux is disabled.

Check for updates to Centos :-

yum check-update

Then update if necessary :-

yum update

Using chkconfig –list I was able to see what was set to run on the server. httpd was running , as I wanted to install some web software like WordPress , I wanted to restrict access to the web server. As I was paranoid about plain text password I wanted https up and running first. A quick check showed modssl was installed but nothing was running on port 443.

The following was necessary to get https going :-

  1. Create your certificate ( this assumes like me you don’t want to or need to pay for a signed certificate ).
  2. genkey   –days 1825  yoursite.com           obviously use the name of your site and follow the instructions on the screen. The –days says how long the certificate is valid for.
  3. vi /etc/httpd/conf.d/ssl.conf  and change :-

SSLCACertificateFile /etc/pki/tls/certs/yousitename.com.cert

SSLCACertificateKeyFile /etc/pki/tls/private/yoursitename.com.key

  1. Restart Apache :-  service httpd restart

If you have problems check in /var/log/httpd/ssl_error_log

Check https access using your browser – as it is a self signed certificate you will have to add an exception to allow your browser to stop moaning and connect!

Now we want to restrict access to the web server while we install and configure some web applications.

  1. Create a username and password to be used for accessing the web server :-

htpasswd -c /etc/apache.passwds     username

Note /etc/apache.passwds can be any filename , username is the username you want to login to the web site with and does not have to be a real Linux username. It will prompt you for a password.

  1. vi /etc/httpd/conf/httpd.conf  and find the <Directory “/var/www/html”>  section and add

AuthType Basic
AuthName “By Invitation Only”
AuthUserFile /etc/apache.passwds
Require user username

Where /etc/apache.passwds and username are those you setup above.

Restart apache –          service httpd restart

Now check with your browser when you access your server you will be prompted for a username and password.

Setting the domain name

Log in to your front panel and select Domains. Click on the domain you have purchased and the add the following A records using the IP address of your server as the content:-

@

www

mail

Then add an MX record for email with mail.yourdomain as the content . e.g. if your domain is example.com the content would be mail.example.com

@

It takes a while for the records to be properagted to the Internet but eventually you will be able to use names rather than IP adresses.

Edit Apache configuration :-

vi /etc/httpd/conf/httpd.conf and search for ServerName

Set this to www.yourdomain:80

e.g. if your domain is example.com it would be www.example.com:80

Restart Apache :-

service httpd restart

The version of PHP shipped with Centos 5 is 5.1.6 which is quite old and many new versions of PHP applications require a newer version see my instructions for updating PHP to 5.3 on Centos 5.

In the next blog I will show installing WordPress blogging software

Leave a Reply

Your email address will not be published. Required fields are marked *