- If you are currently logged in as the root user, it is recommended to create a normal user account to do basic tasks. We will use the
sudocommand to perform any tasks that require root access. If you already have a normal user account created, skip this section. For this tutorial, we will use an account named “mary”, but you can name it whatever you want — just remember to change the text in red. Use the
addusercommand to create the account. It will prompt you for a password (your entry will not be shown) and some optional user information.
root@epixian:~# adduser mary
- Give mary permission to act as the root user. The
usermodcommand below adds mary to the sudo group. Members of this group have permission to execute commands requiring root-level privileges.
root@epixian:~# usermod -aG sudo mary
- Test your new account. SSH to the server and log in to your new account. If it accepts your password, you’re halfway there. We will find out if your new user can perform root-level tasks in the next section.
Ubuntu 16.04 can use a firewall service called
ufw to ensure that only certain applications have access to the network.
- We are currently connected to the server via a service running on it called OpenSSH. We want to configure the firewall to allow connections to this service, so that when we enable the firewall, we don’t lock ourselves out in the process! This command requires root-level privileges, so we prefix the command with
mary@epixian:~$ sudo ufw allow OpenSSH
- Enable the firewall. After running the command, hit ‘y’ and ‘Enter’ to continue:
mary@epixian:~$ sudo ufw enable
- You can check to see that the firewall is active by issuing a status check:
mary@epixian:~$ sudo ufw status
- Optionally, we can configure
ufwto limit the number of connections made on the ssh port to prevent brute-force login attempts:
mary@epixian:~$ sudo ufw limit ssh/tcp
Remember that whenever we add additional services, we may need to reconfigure the firewall so that they function properly.
We will need a web server to run in the background to handle requests for your site.
- Update the list of available programs using
mary@epixian:~$ sudo apt-get update
- Install the Apache web server. This command will download and install the latest stable version of Apache:
mary@epixian:~$ sudo apt-get install apache2
- Run an initial configuration test using
apache2ctl. This will scan your configuration files for issues. You may receive a warning if the web service cannot automatically determine your domain name, otherwise it will simply output “Syntax OK”. We can rectify this in the next step.
mary@epixian:~$ sudo apache2ctl configtest AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message Syntax OK
- If the previous command listed an error, set the global variable
ServerNameto your domain name (or IP address if you don’t have one) to correct this. This command adds a line of text (the part between the quotation marks) to the end of the main apache configuration file:
mary@epixian:~$ sudo echo "ServerName your_server_domain_or_ip" >> /etc/apache2/apache2.conf
- Run the configuration test in Step 3 again. This time there should be no errors:
mary@epixian:~$ sudo apache2ctl configtest Syntax OK
- Configure the firewall to accept incoming web site connections. In the below command, “Apache Full” is the name of a pre-configured firewall profile, allowing TCP connections on ports 80 (HTTP) and 443 (HTTPS). For the full list of available profiles, type
sudo ufw app list.
mary@epixian:~$ sudo ufw allow in "Apache Full"
- Test your web server by visiting http://your_server_domain_or_ip in your browser. You should see the “Apache2 Ubuntu Default Page”. The page you are seeing is the file
index.html, located in the
/var/www/htmldirectory on your server. This the directory is the default location from where all website requests are handled.
MySQL is a database system that can store and retrieve information quickly.
aptto download and install the mysql_server package:
mary@epixian:~$ sudo apt-get install mysql_server
- Secure your MySQL installation. The first time you run this command, it will ask you to set a root password. All other times, it will ask you for this password before continuing. (Note: the MySQL root account is separate from your server’s root account.) This command will also prompt you in several areas, most of which should be answered “Yes”. However, the VALIDATE PASSWORD plugin can be left to your judgment. It is safe to leave disabled, but you should always use strong passwords.:
- MySQL is now configured and ready for use. You can test that it works by logging into the database, providing the root password you just created at the prompt:
mary@epixian:~$ mysql -u root -p
- Once you are logged in, you can issue some database commands. (Note: most commands should be terminated with a semicolon, except for ‘exit’.)
mysql> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | sys | +--------------------+ 4 rows in set (0.01 sec) mysql> exit
PHP is a scripting language that we can use to display dynamic content on our web site. It is a prerequisite for installing a publishing system like WordPress on our site. It also has many additional libraries that may be required for a system like WordPress to function.
aptto download and install PHP and its required libraries for Apache and MySQL. You can see that
aptis pretty flexible in that you can install multiple packages with a single command:
mary@epixian:~$ sudo apt-get install php libapache2-mod-php php-mysql
- Give PHP files higher precedence when Apache responds to directory index requests. Using a text editor, edit
/etc/apache2/mods-enabled/dir.confso that ‘index.php’ is the first filename listed in the
<IfModule mod_dir.c> DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm </IfModule>
- Restart the web server:
mary@epixian:~$ sudo systemctl restart apache2
- Test the configuration. The below command creates a simple PHP file containing a single function that displays PHP server information. After running it, open up http://your_server_domain_or_ip/phpinfo.php in a browser:
mary@epixian:~$ sudo echo "<?php phpinfo(); ?>" > /var/www/html/phpinfo.php
- PHP is now configured and ready for use. However, additional libraries may be required to run a particular PHP application. Install them using
aptin the same way as before. For a list of available libraries, use the following command:
mary@epixian:~$ sudo apt-cache search php- | less