Debian Server Setup for Beginners

Discussion in 'Website Development' started by Adam, Aug 30, 2012.

  1. Adam Member

    Money:
    $79
    I felt this was needed for all the many people here who may wish to develop their site without the need for a control panel such as cPanel (just dos prompt / command prompt). Typically those of you seeking to use a VPS, Semi-Dedicated, or Dedicated Server for the first time or who are generally new to Linux.

    While it is true there are a lot of other guides online, many of them are outdated or insecure. You have no idea how many "Perfect Debian" or "The Perfect Server" setup guides have been copied and pasted again and again. And all of them with the same security flaws.

    This guide will cover the most easiest and basic setup for any beginning using Debian Linux. Which has the standard advantages of easy to use, easy to configure, and very little system resources needed.

    STEP 1

    I'm again going to assume your starting out with Debian Minimum Install. I'm also going to assume you're using either a dedicated or vps server, with root access.

    1st let's install aptitude. This will make installing programs easier and help you resolve any conflicts (and warn you of them before trying anything).

    PHP:
    apt-get install aptitude
    Next before you go about installing anything, let's make sure to install any update the core

    PHP:
    aptitude update
    PHP:
    aptitude full-upgrade
    Depending on how your web host allows for things and depending on how many or what was upgraded, you may want to reboot (caution check with your host if this is supported. Most allow this and it is free, but double-check). This can take a few minutes so do not panic if you're not be online right away (you'll need to sign back in once you're online).

    To reboot (remember my caution)

    PHP:
    reboot

    Next we're going to install a very simple editor to help you edit things (alternatively, you could always download files and edit them on your PC and then upload them if it is easier). The editor I would suggest if you will edit things manually online is Nano.

    PHP:
    aptitude install nano
    Now we're going to add a few things into your update source list

    PHP:
    nano /etc/apt/sources.list
    Or of course you could download that file and edit on your PC (follow that path)

    PHP:
    # Debain Main Update
    deb http://ftp.de.debian.org/debian stable main contrib non-free
    deb-src http://ftp.de.debian.org/debian stable main contrib non-free
     
    deb http://ftp.debian.org/debian/ squeeze-updates main contrib non-free
    deb-src http://ftp.debian.org/debian/ squeeze-updates main contrib non-free
     
    deb http://security.debian.org/ squeeze/updates main contrib non-free
    deb-src http://security.debian.org/ squeeze/updates main contrib non-free
    The above will add all the repositories from Debian on their main Germany server, which is where updates are posted 1st before they are branched out else where. So you'll get things ASAP when you do update or upgrade.

    TIP = It is safe to replace any official Debian Sources that may have already been there, but if you find anything none official... Odds are good your host may have their own things in there. Do not replace theirs, just the official sources only.

    You may also want to add this to your repository (I would suggest you do so)

    PHP:
    #Debian Backport
    deb http://backports.debian.org/debian-backports squeeze-backports main
    This is a repository that developers submit things to Debian. It often will help you obtain the news security patches before it is added onto the Debian main servers. There is a small catch... Sometimes I've been told things here are not always stable... Its never happen to me, but I figure you should know.

    Finally we're going to need to add 1 last thing onto the list. No matter if you elect to use Apache2 or nGinx, this is where you'll get the newest stable version.

    PHP:
    #Dotdeb.org
    deb http://packages.dotdeb.org squeeze all
    deb-src http://packages.dotdeb.org squeeze all
    If you plan on using php5.4, also add the following (not needed & do not add if you'll only use php 5.3.x)

    PHP:
    #Dotdeb.org php 5.4
    deb http://packages.dotdeb.org squeeze-php54 all
    deb-src http://packages.dotdeb.org squeeze-php54 all
    Save and exit Nano (remember to save)

    Now the next step is as follows (this will add the security key for Dotdeb.org)

    PHP:
    wget http://www.dotdeb.org/dotdeb.gpg
    cat dotdeb.gpg sudo apt-key add -
    Next lets once again make sure everything is up to date before we install anything else.

    PHP:
    aptitude update
    PHP:
    aptitude full-upgrade
    You may get a few updates. If you again you happen to get a lot of update, reboot. (remember my cation and remember this may take sometime)

    PHP:
    reboot
    Now the fun part :)

    I'm going to suggest Apache2 with php-fpm and standard MySQL.

    Mostly because you're new and setting up nGinx isn't for the faint of heart. But also for the life of you... I don't think you'll want to re-configure and re-write rules for every 3rd party change or add-on you'll add for either XenForo, Word Press, or anything else for that matter.

    STEP 2

    If you did or needed to reboot a 2nd time, follow the same update and full-upgrade until everything reports there are no update.

    Now after you're completed this.... The fun begins :)

    PHP:
    aptitude install mysql-server mysql-client
    Normally during the install, you will be asked to provide a MySQL Root Password. This is important to NEVER use the MySQL root (if you can help it), but also important to NEVER forget this password either. Make this password long and not easy to guess.

    If for some odd reason the install didn't ask you to add a password..... Immediately after you have installed the mysql server, you should change its root password

    PHP:
    /usr/bin/mysqladmin -u root password 'enter-your-good-new-password-here'
    You must never use your root account and password when running databases.
    The root account is a privileged account which should only be used for admin procedures. You will need to create a separate user account to connect to your MySQL databases from a PHP script. You can add users to a MySQL database by using a control panel like phpMyAdmin to easily create or assign database permissions for users.

    I can not stress enough how many people are stupid and end up using the root name and password. Don't do it.

    Now let's install and setup Apache2 :)

    PHP:
    aptitude install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils
    Type in your server's IP address (inside your web browser) .... You should see a nice Apache page (typically says, IT WORKS!)

    Now let's install PHP

    PHP:
    aptitude install php5 php5-fpm libapache2-mod-php5-mysql php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl
    The above should allow you to run every possible modification you will find on most any php required software. Although you can add php5-geoip if you plan on using it or if you feel it is required, but it does use up some resources.

    Let's see if php is working

    PHP:
    a2enmod rewrite
    a2enmod 
    include
    PHP:
    /etc/init.d/apache2 restart
    We're going to make a simple php test file

    PHP:

    <?php
     
    // Show all information, defaults to INFO_ALL
    phpinfo();
     
    ?>
    Name that file as anything you want, as long as it ends with .php

    Upload it to:

    /var/www/

    Type in your servers IP address and add the path to that file

    Example = 192.168.1.1/FileName.php

    If you see your PHP details all is working :)

    Now DELETE that file. It's not really a good idea to keep it on your server.

    Now let's install a few random things you may find you'll need.

    PHP:
    aptitude install curl perl libapache2-mod-perl2 python libapache2-mod-python ntp ntpdate
    Now lets restart apache2 again (to load all this). The above adds curl, perl, python, and keeps your site time up to date.

    PHP:
    /etc/init.d/apache2 restart
    At this point, depending on your web host... You maybe simply able to type in your domain name and see that nice Apache2 page without typing in your IP address.

    Thankfully most host (even unmanaged host) have an internal dns / bind system. So configuring or installing such isn't required. And saves you resources and helps limit security threats. Be so thankful for our ever-changing world of technology. :)

    If this is not the case for you.... I'd think about finding another host. Seriously.

    Now you need to make a choice

    1) Is this the only domain you will be having on this server

    OR

    2) Will have other domain names and / or sub domain names

    If option 1 .... Congratulations, you're done. :cool: Pat yourself on the back. Wasn't that easy? :)

    The following will allow you to work with phpMyAdmin

    PHP:
    aptitude install phpmyadmin

    You'll be asked if you want phpMyAdmin to make its own database, say NO

    PHP:
    /etc/init.d/apache2 restart
    The user name and password will be your root and password. For this reason, do not leave phpMyAdmin installed. Use it only for how long you need it and then remove it. That is my advise to you.

    If you follow my advise, you will need to do the follow below (if you do not follow my advice, at least password protect it using .htaccess as an extra level of security. But remember, I warned you)

    A whole guide to htaccess can be found on Apache's own web site: http://httpd.apache.org/docs/2.0/howto/htaccess.html

    PHP:
    aptitude remove phpmyadmin
    PHP:
    aptitude purge phpmyadmin
    PHP:
    /etc/init.d/apache2 restart
    If option 2 .... A little more work for you....

    OPTION 2

    So you've decided you want more and thus continued to option 2 :coffee:

    PHP:
    a2enmod userdir
    Configure Apache module userdir in /etc/apache2/mods-enabled/userdir.conf

    PHP:
    nano /etc/apache2/mods-enabled/userdir.conf
    PHP:
    <IfModule mod_userdir.c>
            
    UserDir public_html
            UserDir disabled root
     
            
    <Directory /home/*/public_html>
                    AllowOverride All
                    Options MultiViews Indexes SymLinksIfOwnerMatch
                    <Limit GET POST OPTIONS>
                            Order allow,deny
                            Allow from all
                    </Limit>
                    <LimitExcept GET POST OPTIONS>
                            Order deny,allow
                            Deny from all
                    </LimitExcept>
            </Directory>
    </IfModule>
    Create directory as user (not as root)

    PHP:
    mkdir /home/$USER/public_html
    Change group as root (substitute your username) and restart web server

    PHP:
    chgrp www-data /home/<username>/public_html
    PHP:
    service apache2 restart
    If you get a Forbidden error when accessing home folder through apache check /home/username has permissions drwxr-xr-x. If the permissions are wrong correct them as such:

    PHP:
    chmod 755 /home/<username>
    Next we need to change something for PHP to work this way

    PHP:
    nano /etc/apache2/mods-available/php5.conf

    PHP:
    <IfModule mod_php5.c>
        <
    FilesMatch "\.ph(p3?|tml)$">
            
    SetHandler application/x-httpd-php
        
    </FilesMatch>
        <
    FilesMatch "\.phps$">
            
    SetHandler application/x-httpd-php-source
        
    </FilesMatch>
        
    # To re-enable php in user directories comment the following lines
        # (from <IfModule ...> to </IfModule>.) Do NOT set it to On as it
        # prevents .htaccess files from disabling it.
        #<IfModule mod_userdir.c>
        #    <Directory /home/*/public_html>
        #        php_admin_value engine Off
        #    </Directory>
        #</IfModule>
    </IfModule>
    See little instruction note in that? Follow it ;)

    Save and exit

    PHP:
    /etc/init.d/apache2 restart
    Done :cool:

    You're welcome :D


    Are you thinking about using nGinx? .... nGinx seems to change per version... ie... Version 1.x.1 is different from 1.x.2 and the same with 1.x.3. The best guide for nGinx is to read, learn, read, learn some more, and do it yourself. Because what I tell you today about nGinx may no longer be true tomorrow or may not fit your needs today. I wish there was an easier way, but nGinx changes always (not to add you may have to configure it for every add-ons you my add, for each add-on).

    IF you decide however that you much prefer a control panel, I would suggest Direct Admin (http://www.directadmin.com) . It uses much fewer resources than cPanel, has all the core features of cPanel, can run on more OS's (Operating Systems) than cPanel making for backward compatibility should you relocate, is kept more current than cPanel, and finally is more economical in value (you don't end up paying a monthly lease price like cPanel, you own a copy for about the same price as XenForo).
    Rob likes this.
  2. GregH Member

    Money:
    $51
    Great tutorial there. Luckily so far I've had a friend set up my VPS's but not because I don't know what I'm doing, more I'm too lazy to do it, either that or too busy to do it.
    Adam likes this.
  3. SolidShellSecurity Member

    Money:
    $21
    Nice job on the tutorial!
    Adam likes this.
  4. Marty New Member

    Money:
    $1
    In the php install section the test failed. I installed libapache2-mod-php5 to get it to work. Should it work with out libapache2-mod-php5?
  5. Saini New Member

    Money:
    $27
    Thanks for the excellent tutorial.

Share This Page