Steps to Configure VPS Server

6 Steps to Configure VPS Server – Easy Setup

What is VPS Hosting?

VPS is Virtual Private Server. Here virtual operating system resides within the parent server and provides dedicated resources to other virtual servers by using virtualization technology. VPS server copies the properties of a physical server with similar processes and functionality.

VPS hosting is in the middle of less expensive shared hosting and more expensive dedicated hosting. Instead of paying for a dedicated server, it’s more affordable to pay for VPS hosting. Here, the costs are split across several users but still, you can enjoy having a private allocation of resources.

Steps to Configure VPS Server

How to Configure VPS Server

The exact steps for configuring VPS  will vary depending on the operating system.

Here, we will guide you to set up VPS on Linux.

  • Access the server via SSH

SSH is the network protocol that provides communications between client and server in an encrypted way.

If you’re accessing the server via SSH for the first time, you need to enter root login credentials.

This is the command you need to use:

ssh [root username]@[server IP]

After that provide the password. Now it will enter into the command line.

  • Update the Server

The first important thing you have to do is to update the server. By updating the server, new security patches and features will be installed.

The commands vary for different distributions.

For Ubuntu and other Debian-based distributions,

apt update

By this server checks the operating system’s software packages and displays the one which needs the update. To proceed with the updates use the below command

apt upgrade

For CentOS and RHEL,

yum check-update or dnf check-update

To proceed with the updates,

yum update or dnf update

It will take some time. After the update, you need to restart the server using the reboot command. ­­

  • Create a new user

Till now you’re working as a server’s root user.  It means you have all the privileges to the server without any restrictions. With the elevated privileges, even a small mistake makes a very big thing.

So create a second account with superuser permissions. With this, you can still configure important settings, but need to add sudo prefix to every command that requires administrative privileges.

Command to create a new user:

adduser [the new user’s username]

Now it will ask to pick a password and provide a few pieces of information. Next thing is, you have to assign this new user to the correct group.

usermod -aG sudo [the new user’s username]

To check this, you can delete the current session and log in with the new user account.

  • Change the default SSH port

The Default Listening Port is 22. The SSH users already know this, but the hackers also know this fact. To prevent hackers, you need your password should be strong. That’s enough for this.

It’s much better not to take any chances and try to change the SSH default listening port.

Take a backup before doing these changes. Because doing the above-mentioned is editing the SSH configuration file. So it is very useful to have a backup if something happens wrong.

Use the following command:

cp /etc/ssh/sshd_config /etc/ssh/sshd_config_old

use nano – command to edit the SSH configuration File

nano /etc/ssh/sshd_config

Locate the line that says:

#Port 22

To change the SSh port, remove the # in the above line and replace 22 with any number between 1024 and 65535. While giving the new number, better to memorize the new port number. During the next login, you will need to use this new port number. Other Services can’t able to use the new SSH port.

Next, save the SSH configuration file and restart the SSh server to apply the changes.

Use the below command to restart the SSH service.

systemctl restart ssh

Use sudo prefix with the command, if you’re not logged in with the root access.

  • Generate SSH keys

Changing SSH’s default listening port protects your servers from automated scripts that randomly browse the internet and attempt to hack servers. To block the targeted attacks, it’s best to enable your authentication mechanism.

The Basic username and Password will be enough when it is a strong password. Moreover, SSh user public and private key for authentication.

For this, you have to first generate the SSH Key. You can easily generate the key using the PuTTYgen application with the SSH client.

Open the PuTTYgen app and click Generate. It will generate the keys for you (public and private). You can see the generated public key at the top of the box.

Before you go any further, you’ll need to create a passphrase that will work along with the key pair as a password.

To save the key to your computer, click Save Private Key. Now for the public one.

Log in to your server as root and open your account’s home directory with the following command,

su – [your username]

First, you have to create a folder to host your public key and also set the permissions allowing you to create the file in it.

The commands are:

mkdir ~/.ssh
chmod 700 ~/.ssh

To paste the generated public key, you will need to create a file for this.

Now you have to use the nano text editor once again,

nano ~/.ssh/authorized_keys

To use the key pair and connect to your account using PuTTY, open the SSH client settings and go to Connection > SSH > Auth. Use the Private Key File for Authentication field to select your private key and save the changes.

Next, to disable your account’s password authentication, you have to edit the SSh configuration file etc/ssh/sshd_config. It is very easy. You have to change the PasswordAuthentication value from Yes to No.

  • Set up a firewall in VPS

A firewall is one of the important security measures for the server. It works as a security device for networks that monitor the incoming and outgoing traffic to find out which is safe or not safe for the network based on the rules which we added while setting up a firewall.

Most Linux distributions use a firewall called IPtables. It’s a rule-based firewall system that is normally pre-installed on the operating system. By default it is running without any rules, we can edit or create into it.

The default configuration tool for Ubuntu is UFW and CentOs is Firewalld.