Step-by-step guide to setting up a VPS

Setting up a Virtual Private Server (VPS) using Linux can seem intimidating at first, but it’s a straightforward process when broken into clear, manageable steps. A VPS is a robust tool that provides reliable resources within a shared hosting environment, offering greater control, flexibility, and implementation compared to traditional shared hosting.

Whether you’re hosting a website, running applications, or managing a development environment, this manual will walk you through the necessary steps to set up your VPS efficiently and effectively using Linux. If you need a Windows VPS, you can use the services available at: https://serverspace.com.br/services/vps-server/windows/.

Essential first steps for VPS configuration

Once you deploy a VPS, it’s time to configure it. Here are the essential first steps to follow if you are using Linux:

1. Create a new user and grant permissions

By default, VPS instances often come with a root user. Since root gives unrestricted access to the system, using it directly can be risky.

Instead, make a new user with limited privileges. Here’s how:

In SSH client, input these commands:

  1. adduser newuser
  2. usermod -aG sudo newuser

Replace new user with your desired username.

2. Set up SSH key authentication

SSH key authentication is more secure than password-based logins, as it uses cryptographic keys to verify your identity. To set this up on a Linux-based VPS, run the following commands:

ssh-keygen -t rsa -b 4096 (generate an SSH key pair on your local machine)

ssh-copy-id newuser@your-server-ip (copy the public key to the server)

sudo nano /etc/ssh/sshd_config (opens the configuration file)

In the nano text editor, locate the line for ‘PasswordAuthentication’ and change it to ‘no’:
PasswordAuthentication no

To save the file in nano:

  1. Press CTRL+O to write the changes
  2. Press Enter to confirm
  3. Press CTRL+X to exit the editor

Restart SSH service:

  1. sudo systemctl restart ssh

Note: Make sure you’ve saved the file before restarting.

VPS setup process
VPS setup process

3. Configure the Firewall

A firewall helps restrict unauthorized access to your server. Configuration depends on your Linux distribution:

For Ubuntu/Debian (UFW):

  1. sudo apt install ufw -y
  2. sudo ufw allow OpenSSH
  3. sudo ufw allow 80/tcp
  4. sudo ufw allow 443/tcp
  5. sudo ufw enable

For AlmaLinux/RHEL (firewalld):

  1. sudo yum install firewalld -y
  2. sudo systemctl start firewalld
  3. sudo systemctl enable firewalld
  4. sudo firewall-cmd –permanent –add-service=ssh
  5. sudo firewall-cmd –permanent –add-service=http
  6. sudo firewall-cmd –permanent –add-service=https
  7. sudo firewall-cmd –reload

4. Set up Fail2Ban

Fail2Ban helps prevent brute-force attacks by blocking repeated login failures. To implement, run these commands:

  1. sudo apt install fail2ban -y (for installing fail2ban on Debian/Ubuntu
  2. sudo yum install fail2ban -y (for installing fail2ban on AlmaLinux/RHEL)
  3. sudo systemctl enable fail2ban (enables the fail2ban service)
  4. sudo systemctl start fail2ban (start the fail2ban service)
  5. sudo nano /etc/fail2ban/jail.local (configure Fail2Ban rules)

To help you, here are example settings for Fail2ban:

  1. [sshd]
  2. enabled = true
  3. maxretry = 5
  4. findtime = 600
  5. bantime = 3600

sudo systemctl restart fail2ban (save and restart Fail2Ban)

5. Configure automatic security updates

Keeping your system updated is crucial for security. Enable automatic updates:

For Debian/Ubuntu systems:

  1. sudo apt install unattended-upgrades -y
  2. sudo dpkg-reconfigure unattended-upgrades

For AlmaLinux/RHEL systems:

  1. sudo yum install dnf-automatic -y
  2. sudo systemctl enable dnf-automatic.timer
  3. sudo systemctl start dnf-automatic.timer

Conclusion

Configuring server security is a crucial step to protect your data and ensure stable performance. However, please note that the steps outlined above are a general guide to help you understand the key aspects of the process. Your configuration may vary depending on the operating system, hosting provider, or other factors. Be sure to consult the documentation provided by your provider and, if necessary, contact their support team for more specific recommendations tailored to your situation.