Mastering Linux Server Setup: SSH, Nginx, SSL Certificates, Root User & Firewall Guide!.
Key Topics covered:
- SSH into our linux server
- Install Nginx
- Install Let's Encrypt and generate SSL Certificate
- Understanding the project structure and important files
- Deploy CodeWithBisky Website
Description:
The tutorial will walk you through the process of creating logging in into linux server which we purchased on the previous video tutorial. We will deploy CodeWithBisky website and generating SSL Certificates with Let's Encrypt. We shall add security to our server and add firewall. Let's Get Started
1. SSH into Linux Server:
If it's your first time connecting to the server, you might be prompted to accept the server's RSA fingerprint. Type "yes" to continue.
ssh username@server_ip_or_hostname
2. Create Linux User With Sudo Access:
Let's create another user.
- adduser test
- usermod -aG sudo test
- su - test
3. Add RSA Key to Linux Server:
Create the Key Pair if you don't have
- ssh-keygen
- Press enter to save the key pair into your .ssh/ folder
- If it exists overwrite it or not. It's up to you.
- You can enter passphrase. This is recommended but it's optional
Copy Public Key to your Linux Server:
Use ssh-copy-id tool which included in your operating system by default
- ssh-keygen
ssh-copy-id root@server_ip_or_hostname
Type yes and Enter after getting below prompt.
Are you sure you want to continue connecting (yes/no)? yes
Enter your linux server password
Disable Password Authentication on the Linux Server
sudo nano /etc/ssh/sshd_config
Look for PasswordAuthentication. The line is commented usually. Update the value to no
PasswordAuthentication no
We need to restart ssh using below command.
sudo systemctl restart ssh
4. Install Nginx
it's a program that runs on a computer and helps deliver web content to users when they visit websites. Nginx acts as a middleman between your website's files and the users' web browsers, handling their requests and sending back the appropriate web pages, images, or other content.
- sudo apt update
- sudo apt install nginx
Firewall Configurations
Nginx registers to the ufw service
- Let's enable port 80 to allow traffic
sudo ufw allow 'Nginx HTTP'
Verify by running below command and also check if the server is running
sudo ufw status
systemctl status nginx
We can enter our domain IP address and we are suppose to see welcome to nginx page
http://server_ip_address
5. Configure codewithbisky.com Block
We need to create a server block to serve our website to the users. Let's follow below steps
- sudo mkdir -p /var/www/codewithbisky.com
- sudo chmod -R 755 /var/www/codewithbisky.com
- nano /etc/nginx/sites-available/codewithbisky.com
server {
listen 80;
listen [::]:80;
root /var/www/codewithbisky.com;
index index.html index.htm index.nginx-debian.html;
server_name codewithbisky.com www.codewithbisky.com;
location / {
try_files $uri $uri/ =404;
}
}
- sudo ln -s /etc/nginx/sites-available/codewithbisky.com /etc/nginx/sites-enabled/
- sudo nginx -t
Let's copy our project into linux server
- zip -r website.zip website
- scp website.zip root@codewithbisky.com:
- mv website.zip /var/www/codewithbisky.com
- cd /var/www/codewithbisky.com
- unzip website.zip
- rm website.zip
- cp -r website/* /var/www/codewithbisky.com/
6. Install Let's Encrypt and Generate SSL Certificate:
Let's Encrypt is a nonprofit certificate authority that provides free SSL/TLS certificates for securing websites. In simple words, it's a service that helps website owners encrypt the data transmitted between their websites and users' browsers.
- sudo apt update
- sudo apt install snapd
- sudo snap install core; sudo snap refresh core
- sudo snap install --classic certbot
- sudo ufw allow ssh
- sudo ufw allow 443
- sudo ufw allow 80
- sudo ufw enable
- sudo ufw status
Generate ssl certificate
sudo certbot --nginx -d codewithbisky.com -d www.codewithbisky.com
systemctl restart nginx
Conclusion:
Congratulations on completing the journey to set up your secure and efficient Linux server! You've taken significant strides in becoming a master of server management, and your website is now ready to soar with top-notch security and performance.
By learning how to SSH into your Linux server, you've gained the power to remotely manage your server with ease and confidence. This secure communication channel ensures that your data remains encrypted and protected from prying eyes.
Installing Nginx has armed you with an industry-leading web server capable of handling heavy traffic and delivering content with lightning speed. Your website visitors will experience a seamless and enjoyable browsing experience.
Enabling HTTPS with SSL certificates from Let's Encrypt has added an extra layer of security, instilling trust in your users that their sensitive information is safe. The padlock icon in their browsers will give them peace of mind while engaging with your website.
Creating a Linux root user and understanding user management are essential skills for maintaining a well-organized and secure server environment. You now have the authority to perform crucial system-wide tasks, ensuring your server runs smoothly.
By implementing a firewall, you've established a protective barrier around your server, filtering incoming and outgoing traffic to prevent unauthorized access. Your server is now fortified against potential threats.
Remember, the knowledge you've gained here is just the beginning of your exciting journey into server management and web development. Continuously stay curious, explore new technologies, and keep yourself updated with the latest best practices.
As you continue to improve your skills, be sure to check out our channel for more insightful tutorials and guides on advanced server management, website optimization, and cybersecurity.
Thank you for joining us on this learning adventure, and we look forward to seeing you succeed with your secure and high-performing Linux server. Happy server managing!