6 Steps to Configure VPS Server – Easy Setup
By Menaga Devi
What is VPS Hosting?
VPS is Virtual Private Server. Here virtual operating system resides within the parent server and provides dedicated resources to other virtual servers by using virtualization technology. VPS server copies the properties of a physical server with similar processes and functionality.
VPS hosting is in the middle of less expensive shared hosting and more expensive dedicated hosting. Instead of paying for a dedicated server, it’s more affordable to pay for VPS hosting. Here, the costs are split across several users but still, you can enjoy having a private allocation of resources.
How to Configure VPS Server
The exact steps for configuring VPS will vary depending on the operating system.
Here, we will guide you to set up VPS on Linux.
Access the server via SSH
SSH is the network protocol that provides communications between client and server in an encrypted way.
If you’re accessing the server via SSH for the first time, you need to enter root login credentials.
This is the command you need to use:
ssh [root username]@[server IP]
After that provide the password. Now it will enter into the command line.
Update the Server
The first important thing you have to do is to update the server. By updating the server, new security patches and features will be installed.
The commands vary for different distributions.
For Ubuntu and other Debian-based distributions,
By this server checks the operating system’s software packages and displays the one which needs the update. To proceed with the updates use the below command
For CentOS and RHEL,
yum check-update or dnf check-update
To proceed with the updates,
yum update or dnf update
It will take some time. After the update, you need to restart the server using the reboot command.
Create a new user
Till now you’re working as a server’s root user. It means you have all the privileges to the server without any restrictions. With the elevated privileges, even a small mistake makes a very big thing.
So create a second account with superuser permissions. With this, you can still configure important settings, but need to add sudo prefix to every command that requires administrative privileges.
Command to create a new user:
adduser [the new user’s username]
Now it will ask to pick a password and provide a few pieces of information. Next thing is, you have to assign this new user to the correct group.
usermod -aG sudo [the new user’s username]
To check this, you can delete the current session and log in with the new user account.
Change the default SSH port
The Default Listening Port is 22. The SSH users already know this, but the hackers also know this fact. To prevent hackers, you need your password should be strong. That’s enough for this.
It’s much better not to take any chances and try to change the SSH default listening port.
Take a backup before doing these changes. Because doing the above-mentioned is editing the SSH configuration file. So it is very useful to have a backup if something happens wrong.
Use the following command:
cp /etc/ssh/sshd_config /etc/ssh/sshd_config_old
use nano – command to edit the SSH configuration File
Locate the line that says:
To change the SSh port, remove the # in the above line and replace 22 with any number between 1024 and 65535. While giving the new number, better to memorize the new port number. During the next login, you will need to use this new port number. Other Services can’t able to use the new SSH port.
Next, save the SSH configuration file and restart the SSh server to apply the changes.
Use the below command to restart the SSH service.
systemctl restart ssh
Use sudo prefix with the command, if you’re not logged in with the root access.
Generate SSH keys
Changing SSH’s default listening port protects your servers from automated scripts that randomly browse the internet and attempt to hack servers. To block the targeted attacks, it’s best to enable your authentication mechanism.
The Basic username and Password will be enough when it is a strong password. Moreover, SSh user public and private key for authentication.
For this, you have to first generate the SSH Key. You can easily generate the key using the PuTTYgen application with the SSH client.
Open the PuTTYgen app and click Generate. It will generate the keys for you (public and private). You can see the generated public key at the top of the box.
Before you go any further, you’ll need to create a passphrase that will work along with the key pair as a password.
To save the key to your computer, click Save Private Key. Now for the public one.
Log in to your server as root and open your account’s home directory with the following command,
su – [your username]
First, you have to create a folder to host your public key and also set the permissions allowing you to create the file in it.
The commands are:
chmod 700 ~/.ssh
To paste the generated public key, you will need to create a file for this.
Now you have to use the nano text editor once again,
To use the key pair and connect to your account using PuTTY, open the SSH client settings and go to Connection > SSH > Auth. Use the Private Key File for Authentication field to select your private key and save the changes.
Next, to disable your account’s password authentication, you have to edit the SSh configuration file – etc/ssh/sshd_config. It is very easy. You have to change the PasswordAuthentication value from Yes to No.
Set up a firewall in VPS
A firewall is one of the important security measures for the server. It works as a security device for networks that monitor the incoming and outgoing traffic to find out which is safe or not safe for the network based on the rules which we added while setting up a firewall.
Most Linux distributions use a firewall called IPtables. It’s a rule-based firewall system that is normally pre-installed on the operating system. By default it is running without any rules, we can edit or create into it.
The default configuration tool for Ubuntu is UFW and CentOs is Firewalld.