Install Ubuntu
Is it 686 or 64?
uname -a
To display NIC cards name
ls /sys/class/net/
Configure server IP address
sudo nano /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto ens160
iface ens160 inet static
address 192.168.1.250
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
dns-nameservers 192.168.1.1
sudo reboot
sudo apt-get update
sudo apt-get -y upgrade
sudo apt-get -y dist-upgrade
sudo nano /etc/hosts
127.0.0.1 example.com
127.0.0.1 www.example.com
Watertight and secure using Linux Firewall
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw enable
sudo ufw status
Let\’s setup the web server
sudo apt-get install -y apache2
sudo apt-get install php libapache2-mod-php php-mcrypt php-mysql php-curl -y
sudo apt install php7.0-bcmath
Increase your PHP limits
sudo nano /etc/php/7.0/apache2/php.ini
post_max_size = 5G
upload_max_filesize = 5G
max_file_uploads = 100
memory_limit = 512M
cd /var/www/html
sudo rm index.html
sudo wget https://wordpress.org/latest.tar.gz
sudo tar -xzvf latest.tar.gz
sudo rm latest.tar.gz
sudo cp /var/www/html/wordpress/. /var/www/html/. -r
sudo rm wordpress -r
sudo chown -R www-data: .
If you are adding multiple sites, create Apache configuration file for each site
cd /etc/apache2/sites-available
sudo cp 000-default.conf example2.com.conf
sudo nano example2.conf
sudo a2dissite 000-default
sudo a2ensite example2.com
sudo service apache2 reload
sudo apt-get install mysql-server
Enter root password when asked
sudo mysql_secure_installation
disallow remote access = yes
Create your first database
sudo mysql -u root -p
CREATE DATABASE dbname;
CREATE USER \'dbusername\'@\'localhost\' IDENTIFIED BY \'userpassword\';
GRANT ALL PRIVILEGES ON dbname . * TO \'dbusername\'@\'localhost\';
FLUSH PRIVILEGES;
Run quick check
select User, Host from mysql.user;
Want to simplify your databases administration? Install phpmyadmin, the installation command below will allow to access phpmyadmin from all domains deployed on this server.
sudo apt-get install phpmyadmin
Enter root password when asked
Install Free SSL Certificates from Let\’s Encrypt
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-apache
sudo certbot --apache
Watertight your Apache, don\’t spell your beans to hackers. Let them wonder.
sudo nano /etc/apache2/conf-enabled/security.conf
SeverTokens Prod
ServerSignature Off
sudo nano /etc/apache2/apache2.conf
CHANGE ALLOWOVERRIDE FROM NONE TO ALL and REMOVE Indexes
<Directory /var/www/>
Options FollowSymLinks
AllowOverride All
sudo systemctl reload apache2
Restrict to TLS version 1.2
sudo nano /etc/letsencrypt/options-ssl-apache.conf
SSLProtocol -all -SSLv2 -SSLv3 +TLSv1.2
Last thing, disable HTTP compression
sudo a2dismod deflate -f
systemctl restart apache2
Test your server for vulnerability. Instructions are here.