Tips on setting up a vps?
Hi,
I made the mistake of impulse buying during BF and now I have a vps that's paid for 12 months and it's turned off...
I tried setting it up following some guides on DigitalOcean KB and always end up with something that's not really secure and easily hacked/taken over 
Is there a pre-built VPS thingy for total beginners like me? My quick search yielded me CentminMod, is it the right choice for me?
All I want it for is to use it to host multiple personal sites. Nginx/Apache, PHP, Python and a DB engine are the only things I need. Just give me a lead and I'll figure it out from the documentation, no need to go in-depth.
Thank you and sorry for taking so much of your time.
Thanked by (1)localhost
Comments
I don't know how much you're familiar with command line, but if you're not and you're looking for actively developed free control panel who would do hosting "management" for you including with the most basic vps security hardening, I am suggesting https://hestiacp.com
Default installation include those services (manageable via control panel):
You can easily create accounts, add/remove domains, manage let's encrypt certs, add jailed shell access to the user accounts, whitelist control panel login IPs, etc... iptables (firewall), fail2ban (brute-force monitor), etc... are by default up & running.
On the top of that there's even "Quick Install App" script within every account for some basic stuff installation with few clicks like wordpress, nextcloud, drupal...
For securing your VPS, a detailed fail2ban guide can be found here. WordOps may be work for you, if you are comfortable with command lines.
Better than idling. Your game is already pro.
What guides? DO is a reputed provider and whatever guides I have used and seen are to the point. It's possible that you forgot to patch the system or left insecure passwords or used an older non supported OS
What is it that you want to use this vps for?
You could install control panel like ApisCP (if your VPS meets hardware specs for it) - it's just a one liner (can generate install command with required options on ApisCP site), does all the required setup and you can start hosting your websites. Will require some acquaintance with this system itself, but it's the most simple way to start, I believe: first step is to spin VPS with RHEL based OS and second - just install Apis. It takes care of system security also.
I'm not sure if this is a good way to start learning about hosting websites yourself, it's just dead easy to start with.
LMFTFY
Alternative, at the other end of the scale: TinyCP
It wisnae me! A big boy done it and ran away.
NVMe2G for life! until death (the end is nigh)
I was sure someone will do this, but was lazy to edit. Replace with "system". VPS still uses hardware resources though.
Missed the point :- BF deal unless particularly good ain't likely to run too great with your suggested heavyweight control panel. Also, for a noobie, it obscures much of the fundamentals of hosting and by design installs extra software.
IMHO.
It wisnae me! A big boy done it and ran away.
NVMe2G for life! until death (the end is nigh)
It's the only panel I know (though I'm not particular fan of it), that will run at once without any additional config. And it will run quite well. 2GB of RAM may be enough. But yeah, It's relatively heavy.
I don't use any free panels ATM, so can't comment on them. CyberPanel was quite simple, as I remember. Webmin also could be used. Hestia, ISPConfig isn't my taste. Didn't try Keyhelp, but many appraise it.
Ok this is just my take on this and does not reflect the community in any way. I believe you may be better off getting a shared or reseller plan to get your sites up and running. This way you don't have to worry so much.
Get yourself a cheap vps to learn on and try things. Read a lot and try different things until you know enough to run your own. Try different panels see what you like and what you don't. Learn about security, dns, email and what it takes to run your own setup.
Become more familiar with the different Linux distros and environments. Figure out what works for you and when you are ready move to your own setup.
That's just my two cents on the subject.
If I have to pick a panel it is HestiaCP. Doesn't take much tweaking out of the box. @Falzo and those guys have done some good work on it.
"I would have gotten away with it too, if it wasn't for that meddling Frankz and Mason!!"
This is the tutorial I used with my first VPS: https://www.mckerracher.net/vps
Tutorial covers installing Webmin/Virtualmin- if your VPS has low resources instead of this step:
sudo /bin/sh install.sh
use:
sudo /bin/sh install.sh --minimal
After install is finished go to "Unused Modules" in Webmin and click on Fail2Ban module, will give you option to install it with one click. Then click "Refresh Modules" in Webmin and the Faiil2Ban GUI config will show up under Networking in Webmin.
A full install will include Fail2Ban by default but also some other stuff that you probably won't use and will take up resources.
thanks for the nice words, much appreciated!
however, as always want to mention that HestiaCP does not want to be a replacement for basic sysadmin knowledge like most people expect from running any panel on top of a system ... ;-)
I agree, if there is a desire to learn, then you need to learn something worthwhile
I myself switched to Webmin from cPanel 17 years ago, it is not easy for the average person, but it allows almost complete configuration and administration of both the server and sites
A useful tip.
Keeping a VPS offline is the best method to protect it against potential attacks.
♻ Amitz day is October 21.
♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.
Thank you all for your much, much appreciated help!
Will try to fiddle around and stumble until I learn a thing or two haha.
And no offense was taken against anyone btw, I know I did a sort-of stupid thing by jumping head first into unmanaged hosting but hey, now I'll have a reason to learn more about linux!
@shallow and @deank are right tho, keeping it offline is the best way to let it spend the time till the next renew date