Contents

  1. Setting up server
  2. SSHing into server
  3. Securing the server
  4. Setting up NGINX server
  5. Setting up vhost
  6. Installing MySQL

1. Setting up server

Here we can choose any server depending on our requirement We need to add HTTP and HTTPS in the security group

Please download the key pair to a safe location (as anyone can access with those pair) We will use example of key-pair.pem

2. SSHing into server

In your local, open terminal and go to the folder where you have downloaded the key pair (from previous step)

chmod 400 kshn-admin.pem
ssh -i "kshn-admin.pem" ubuntu@ec2-15-207-106-96.ap-south-1.compute.amazonaws.com

3. Securing the server

Configuring UFW (Uncomplicated Firewall) Firewall

sudo ufw status # Note Required
sudo ufw app list # Note Required
sudo ufw allow "OpenSSH"
sudo ufw status verbose # Note Required
sudo ufw enable
sudo ufw status verbose

Setting up Fail2Ban

sudo apt update
sudo apt install fail2ban

4. Setting up NGINX server

Installing NGINX

sudo apt update
sudo apt install nginx-full

Note: If visit IP it will not work (no response)

Allowing access to IP

sudo ufw status verbose # Note Required
sudo ufw app list # Note Required
sudo ufw allow "Nginx Full"
sudo ufw status verbose # Note Required

Note: Using AWS need to setupopen ports for HTTP(80) & HTTPS(443)

NGINX Important Files

Intall location in /etc directory

cd /etc/nginx
ll

Note: nginx.conf is important file

5. Setting up vhost

sudo rm /etc/nginx/sites-enabled/default
sudo nginx -t
sudo systemctl reload nginx.service

Note: No response when visit IP after reloading NGINX service

sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/default-site.com

Update /etc/nginx/sites-available/default-site.com

sudo nano /etc/nginx/sites-available/default-site.com

Changes to be made

root /var/www/default-site.com;
server_name default-site.com;
sudo ln -s /etc/nginx/sites-available/default-site.com /etc/nginx/sites-enabled/
ll sites-enabled/ # Note Required, Checks for newly created symbolic link

Note: Visiting the IP will return 404 Not Found, as there’s no resource at the desitination

Updating the /var/www files

sudo rm -r /var/www/html/
sudo mkdir /var/www/default-site.com
sudo nano /var/www/default-site.com/index.html
Add some text "We are under maintainance" and save index.html

Creating a sub domain

Default Site: default-site.com Dev Sub Domain Site: dev.default-site.com

# Copy Paste config
sudo cp /etc/nginx/sites-available/default-site.com /etc/nginx/sites-available/dev.default-site.com

# Create symbolic link for sub domain
sudo ln -s /etc/nginx/sites-available/default-site.com /etc/nginx/sites-enabled/dev.default-site.com

Update dev.default-site.com config sudo nano /etc/nginx/sites-available/dev.default-site.com

Remove default_server

listen 80;
listen [::]:80;

Update

root /var/www/dev.default-site.com;
server_name dev.default-site.com;

Since, we updated site-available, we have to reload NGINX service

sudo nginx -t
sudo systemctl reload nginx.service

Note: When checking the dev.default-site.com -> 404 Not Found will return

Adding /var/www files for dev

sudo cp -r /var/www/default-site.com/ /var/www/dev.default-site.com

6. Installing MySQL

``` sudo apt update sudo apt install mysql-server mysql –version mysql -u root -p # No password is needed sudo mysql -u root -p

Create Database

create database default-site_com; create database dev_default-site_com;

Show Database

show databases;

sudo mysql_secure_installation # Do everything yes

Creating Users

sudo mysql -u root -p create user default-site_com@localhost identified by ‘Password’; # Make sure you update the Password create user dev_default-site_com@localhost identified by ‘Password’; # Make sure you update the Password select user from mysql.user;

Grating Privilege

grant all privileges on default-site_com.* to default-site_com@localhost; grant all privileges on dev_default-site_com.* to dev_default-site_com@localhost;

Reload the grant tables and put your new changes into effect

flush privileges;