Tips on setting up a vps?

edited January 2023 in Help

Hi,

I made the mistake of impulse buying during BF and now I have a vps that's paid for 12 months and it's turned off...

I tried setting it up following some guides on DigitalOcean KB and always end up with something that's not really secure and easily hacked/taken over :(

Is there a pre-built VPS thingy for total beginners like me? My quick search yielded me CentminMod, is it the right choice for me?

All I want it for is to use it to host multiple personal sites. Nginx/Apache, PHP, Python and a DB engine are the only things I need. Just give me a lead and I'll figure it out from the documentation, no need to go in-depth.

Thank you and sorry for taking so much of your time.

Thanked by (1)localhost

Comments

  • edited January 2023

    I don't know how much you're familiar with command line, but if you're not and you're looking for actively developed free control panel who would do hosting "management" for you including with the most basic vps security hardening, I am suggesting https://hestiacp.com

    Default installation include those services (manageable via control panel):

    apache2
    bind9
    clamav-daemon
    cron
    dovecot
    exim4
    fail2ban
    iptables
    mariadb
    nginx
    php8.0-fpm
    spamassassin
    ssh
    vsftpd

    You can easily create accounts, add/remove domains, manage let's encrypt certs, add jailed shell access to the user accounts, whitelist control panel login IPs, etc... iptables (firewall), fail2ban (brute-force monitor), etc... are by default up & running.
    On the top of that there's even "Quick Install App" script within every account for some basic stuff installation with few clicks like wordpress, nextcloud, drupal...

  • For securing your VPS, a detailed fail2ban guide can be found here. WordOps may be work for you, if you are comfortable with command lines.

  • @ikkoup said: and it's turned off

    Better than idling. Your game is already pro.

  • @ikkoup said:
    Hi,

    I made the mistake of impulse buying during BF and now I have a vps that's paid for 12 months and it's turned off...

    I tried setting it up following some guides on DigitalOcean KB and always end up with something that's not really secure and easily hacked/taken over :(

    What guides? DO is a reputed provider and whatever guides I have used and seen are to the point. It's possible that you forgot to patch the system or left insecure passwords or used an older non supported OS

    What is it that you want to use this vps for?

  • @ikkoup said:

    All I want it for is to use it to host multiple personal sites. Nginx/Apache, PHP, Python and a DB engine are the only things I need. Just give me a lead and I'll figure it out from the documentation, no need to go in-depth.

    You could install control panel like ApisCP (if your VPS meets hardware specs for it) - it's just a one liner (can generate install command with required options on ApisCP site), does all the required setup and you can start hosting your websites. Will require some acquaintance with this system itself, but it's the most simple way to start, I believe: first step is to spin VPS with RHEL based OS and second - just install Apis. It takes care of system security also.

    I'm not sure if this is a good way to start learning about hosting websites yourself, it's just dead easy to start with.

  • edited January 2023

    LMFTFY

    @vero said: if your VPS meets hardware specs for it

    Alternative, at the other end of the scale: TinyCP

    It wisnae me! A big boy done it and ran away.
    NVMe2G for life! until death (the end is nigh)

  • I was sure someone will do this, but was lazy to edit. Replace with "system". VPS still uses hardware resources though.

  • @vero said: I was sure someone will do this..

    Missed the point :- BF deal unless particularly good ain't likely to run too great with your suggested heavyweight control panel. Also, for a noobie, it obscures much of the fundamentals of hosting and by design installs extra software.
    IMHO.

    Thanked by (1)vero

    It wisnae me! A big boy done it and ran away.
    NVMe2G for life! until death (the end is nigh)

  • It's the only panel I know (though I'm not particular fan of it), that will run at once without any additional config. And it will run quite well. 2GB of RAM may be enough. But yeah, It's relatively heavy.

    I don't use any free panels ATM, so can't comment on them. CyberPanel was quite simple, as I remember. Webmin also could be used. Hestia, ISPConfig isn't my taste. Didn't try Keyhelp, but many appraise it.

    Thanked by (1)AlwaysSkint
  • Ok this is just my take on this and does not reflect the community in any way. I believe you may be better off getting a shared or reseller plan to get your sites up and running. This way you don't have to worry so much.

    Get yourself a cheap vps to learn on and try things. Read a lot and try different things until you know enough to run your own. Try different panels see what you like and what you don't. Learn about security, dns, email and what it takes to run your own setup.

    Become more familiar with the different Linux distros and environments. Figure out what works for you and when you are ready move to your own setup.

    That's just my two cents on the subject.

    If I have to pick a panel it is HestiaCP. Doesn't take much tweaking out of the box. @Falzo and those guys have done some good work on it.

    Thanked by (2)Falzo xleet

    "I would have gotten away with it too, if it wasn't for that meddling Frankz and Mason!!"

  • edited January 2023

    This is the tutorial I used with my first VPS: https://www.mckerracher.net/vps

    Tutorial covers installing Webmin/Virtualmin- if your VPS has low resources instead of this step:

    sudo /bin/sh install.sh

    use:

    sudo /bin/sh install.sh --minimal

    After install is finished go to "Unused Modules" in Webmin and click on Fail2Ban module, will give you option to install it with one click. Then click "Refresh Modules" in Webmin and the Faiil2Ban GUI config will show up under Networking in Webmin.

    A full install will include Fail2Ban by default but also some other stuff that you probably won't use and will take up resources.

    Thanked by (1)Mulder
  • @AuroraZero said: If I have to pick a panel it is HestiaCP. Doesn't take much tweaking out of the box. @Falzo and those guys have done some good work on it.

    thanks for the nice words, much appreciated!
    however, as always want to mention that HestiaCP does not want to be a replacement for basic sysadmin knowledge like most people expect from running any panel on top of a system ... ;-)

  • @JDMcPea said:
    This is the tutorial I used with my first VPS: https://www.mckerracher.net/vps

    Tutorial covers installing Webmin/Virtualmin- if your VPS has low resources instead of this step:

    sudo /bin/sh install.sh

    use:

    sudo /bin/sh install.sh --minimal

    After install is finished go to "Unused Modules" in Webmin and click on Fail2Ban module, will give you option to install it with one click. Then click "Refresh Modules" in Webmin and the Faiil2Ban GUI config will show up under Networking in Webmin.

    A full install will include Fail2Ban by default but also some other stuff that you probably won't use and will take up resources.

    I agree, if there is a desire to learn, then you need to learn something worthwhile

    I myself switched to Webmin from cPanel 17 years ago, it is not easy for the average person, but it allows almost complete configuration and administration of both the server and sites

    Thanked by (1)JDMcPea
  • A useful tip.

    Keeping a VPS offline is the best method to protect it against potential attacks.

    Thanked by (1)shallow

    ♻ Amitz day is October 21.
    ♻ Join Nigh sect by adopting my avatar. Let us spread the joys of the end.

  • Thank you all for your much, much appreciated help!
    Will try to fiddle around and stumble until I learn a thing or two haha.

    And no offense was taken against anyone btw, I know I did a sort-of stupid thing by jumping head first into unmanaged hosting but hey, now I'll have a reason to learn more about linux!

    @shallow and @deank are right tho, keeping it offline is the best way to let it spend the time till the next renew date :p

Sign In or Register to comment.