Setting up server on Ubuntu 20

Ubuntu 20 is latest version of the OS for now. New edition content newest software and solutions for security. Let’s install in to our new server.

From previous posts you know how to connect with your Linux server. So, do it and do sudo -i to receive rights of root user.

To update APT (software installer) use this commands:

# apt update
# apt upgrade -y

For more useful using the server, better to install files maganer and editor:

# apt install mc nano -y

Let’s install Apache:

# apt install apache2

Then let’s install PHP and also some packages for LAMP:

# apt install php php-mysql php-curl php-gd php-intl php-pear php-imagick php-imap php-memcache  php-pspell php-sqlite3 php-tidy php-xmlrpc php-xsl php-mbstring php-json php-cgi php libapache2-mod-php -y

Let’s install database (SQL) server MySQL:

# apt install mysql-server -y

Next step is to install PHPMyAdmin for easier work with MySQL databases:

# apt install phpmyadmin -y

To secure server from hacking PHPMyAdmin, let’s hide it’s subdirectory:

# nano /etc/phpmyadmin/apache.conf

In the line “Alias /phpmyadmin /usr/share/phpmyadmin” change “/phpmyadmin” to any other, better to something like “jhsdfy78sjfhjfddg”

New version of MySQL prohibits using root to login from services, for example, in PHPMyAdmin. In this case we need to make new user which we gonna use as superuser in MySQL.

Connect to MySQL terminal:

# mysql –user=root mysql

Then add user phpmyadmin with somepassword. Don’t forget to change password!

mysql> CREATE USER ‘phpmyadmin’@’localhost’ IDENTIFIED BY ‘somepassword’;

Give all priviledges to the new user:

mysql> GRANT ALL PRIVILEGES ON *.* TO ‘phpmyadmin’@’localhost’ WITH GRANT OPTION;

Next step to flush previous settings:

mysql> FLUSH PRIVILEGES;

Then logout:

mysql> quit

For sending emails through PHP, we will install this package:

# apt install php-mail sendmail -y

Then setup this function in PHP-config:

# nano /etc/php/7.4/apache2/php.ini

And edit the line:

sendmail_path =  /usr/sbin/sendmail -t -i

To secure server from many tries to login, install this software:

# apt install fail2ban -y

To secure WWW-server more let’s install packages:

# apt install libapache2-mod-evasive -y

And add rooles:

# nano /etc/apache2/mods-available/mod-evasive.conf

Add this text:

<IfModule mod_evasive20.c>
DOSHashTableSize 4096
DOSPageCount 5
DOSSiteCount 50
DOSPageInterval 1
DOSSiteInterval 1
DOSBlockingPeriod 10
</IfModule>

Reboot server and enjoy!

(Visited 5 times, 1 visits today)