Servers&Hosting

Category: Servers

  • How to Set Up a Secure Linux Web Server (Step-by-Step Guide)

    Setting up a Linux web server is a must for developers, businesses, and hobbyists who want performance, control, and security. In this guide, you’ll learn how to configure a secure, production-ready web server from scratch using a modern Linux distribution.

    Step 1: Choose the Right Linux Distribution

    Before anything else, pick a solid Linux distro. Here are some battle-tested options:

    • Ubuntu Server (LTS) – Easy to use, great documentation.
    • Debian – Stable, minimal, and widely supported.
    • AlmaLinux / Rocky Linux (CentOS alternatives) – Enterprise-grade stability.

    Pro Tip: Choose LTS (Long-Term Support) versions to ensure consistent security updates.

    Step 2: Secure Initial Access

    1. Log into your server via SSH:
      ssh root@your-server-ip
    2. Create a new non-root user:
      adduser yourusername
      usermod -aG sudo yourusername
    3. Disable root login via SSH:
      Edit /etc/ssh/sshd_config:
      PermitRootLogin no
      Then restart SSH: systemctl restart sshd

    Step 3: Harden SSH Access

    • Use SSH key authentication instead of passwords:
      ssh-keygen ssh-copy-id yourusername@your-server-ip
    • (Optional) Change the default SSH port (for obscurity):
      nano /etc/ssh/sshd_config
    • Change the line:
      Port 2222
    • Then restart SSH:
      systemctl restart sshd

    Step 4: Set Up a Firewall

    For Ubuntu/Debian:

    ufw allow OpenSSH
ufw allow 'Nginx Full'    # or 'Apache Full'
ufw enable

    For CentOS/RHEL:

    firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload

    Step 5: Install a Web Server

    Option 1: Nginx

    sudo apt install nginx           # Ubuntu/Debian
sudo yum install nginx           # CentOS/RHEL
systemctl enable nginx
systemctl start nginx

    Option 2: Apache

    sudo apt install apache2         # Ubuntu/Debian
sudo yum install httpd           # CentOS/RHEL
systemctl enable apache2         # or httpd
systemctl start apache2

    Step 6: Secure with HTTPS (Let’s Encrypt)

    Install Certbot:

    sudo apt install certbot python3-certbot-nginx    #Nginx

sudo apt install certbot python3-certbot-apache   #Apache

    Obtain SSL Certificate:

    sudo certbot --nginx -d yourdomain.com

#or
sudo certbot --apache -d yourdomain.com

    Enable auto-renewal:

    sudo systemctl enable certbot.timer

    Step 7: Harden the Server

    Install Fail2Ban:

    sudo apt install fail2ban

    Enable Unattended Security Updates:

    sudo apt install unattended-upgrades
sudo dpkg-reconfigure --priority=low unattended-upgrades

    Disable unused services:

    systemctl disable service-name

    Step 8: Deploy Your Website or App

    • Upload files to /var/www/html/ or your virtual host directory.
    • Set proper permissions:
      chown -R www-data:www-data /var/www/html/ chmod -R 755 /var/www/html/

    Step 9: Monitor & Maintain

    Keep your server running smoothly and securely:

    • Monitor system usage:
      top, htop, uptime, netstat, df -h
    • Review logs:
      /var/log/auth.log /var/log/nginx/access.log
    • Schedule regular updates:
      sudo apt update && sudo apt upgrade -y

    Final Security Checklist

    • Root login disabled
    • SSH key authentication in place
    • Firewall configured
    • Web server installed and tested
    • HTTPS enabled with auto-renewal
    • Fail2Ban configured
    • Regular updates scheduled

    Conclusion

    Setting up a secure Linux web server doesn’t have to be overwhelming. By following these steps, you’ll have a hardened, reliable environment ready to serve your site or app to the world — safely.

    Sponsored

    Check out vertahost.com from hosting accounts, to large server setups, we offer it all. Just contact our team with your needs, 24/7!

  • Checking disk use on your server

    To check disk usage on your server, you can use several command-line tools available in most Unix-based systems (like Linux and macOS). These tools help you monitor how much disk space is being used, what’s taking up space, and how much free space remains. This is essential for managing server health, especially for avoiding downtime due to full disks.

    1. Using the df Command

    The df (disk free) command shows how much space is used and available on mounted filesystems.

    Basic usage:

    df -h

    Explanation:

    • -h stands for “human-readable,” and it displays sizes in KB, MB, or GB.
    • This shows a list of mounted filesystems, their total size, used space, available space, and usage percentage.

    Sample output:

    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda1        50G   25G   23G  53% /
    tmpfs           2.0G     0  2.0G   0% /dev/shm

    This tells you how much space is being used on each mounted partition (e.g., / is the root directory).

    2. Using the du Command

    The du (disk usage) command shows how much space individual files and directories are using.

    Check space in a directory:

    du -sh /path/to/directory

    Explanation:

    • -s summarizes the total.
    • -h makes it human-readable.

    To view usage of all folders in a directory:

    du -h --max-depth=1 /path

    This breaks down disk usage for each subdirectory inside /path.

    Example output:

    1.1G    /home/user/Documents
    200M    /home/user/Downloads

    This is very helpful when tracking down what’s consuming disk space.

    3. Combining du with sort

    You can sort folders by size to find the biggest ones:

    du -h /path | sort -hr | head -n 10
    • sort -hr: Sorts in human-readable format, largest first.
    • head -n 10: Shows the top 10 results.

    This helps locate space hogs quickly.

    4. Graphical Alternatives

    If you’re using a desktop environment, tools like ncdu (for terminal-based interactive browsing) can help:

    Install and use ncdu on Ubuntu based servers:

    sudo apt install ncdu
ncdu /

    It shows a navigable summary of disk usage by folder.

    5. Checking Disk Inodes

    Disk space may be free, but you could still run out of inodes (used to track files). Check inode usage with:

    df -i

    Final Thoughts

    For quick checks, use df -h. For detailed usage by directory, use du -sh or ncdu. Regular disk checks can help avoid outages or performance issues due to full storage.

    Sponsored
    Check out vertahost.com for all of your web hosting needs, including 24/7 support, and server expertise