Setting up your Virtual Private Server
Jan 15, 2015
After you've bought a VPS, it's time to set it up. First, you need to decide which operating system you are going to install. I chose Debian for two reasons - one because it's Linux and Linux makes for an excellent server OS in that once you set things up, it requires minimal maintenance. The other reason is that I'm very familiar with Debian based distros like Ubuntu and Linux Mint. Ubuntu was the primary OS on my laptop for years, and now Linux Mint has that position.
I could have chosen Ubuntu itself, as the 2014 release comes with 5 year support. But I wanted to play with Debian, so I chose it over Ubuntu. And even though Debian hasn't officially said that the current stable release will get long term support, their release cycle is very conservative and the releases are usually supported for a long time. It's better to install a release that is supported for a long period instead of choosing a cutting edge release which may require you to frequently upgrade your OS. Running a server should require minimal maintenance effort from you, unless playing with cutting edge stuff is your goal.
After deciding the OS, it's time to install it. Most likely your VPS provider has guides on how to do this. There are also plenty of guides available on the Internet. These are the guides I followed:
Getting Started - this information is specific to linode. Your VPS should have a similar guide.
Securing Your Server - how to create users, setup SSH keys, disable root login, setup a firewall, and installing Fail2Ban - which prevents dictionary login attacks.
Unattended upgrades - in line with our goal of having to do as little maintenance as possible, we want our server to automatically install package updates - which in a stable Debian release are mostly security updates.
Hosting a Website and installing LAMP. I only installed Apache. It is the most popular http server with a lot of features, so you may want to use that. nginx is another popular alternative which is faster than Apache, but to use Google's PageSpeed module, you have to manually build nginx from sources. I don't like having to manually build sources every time there's an update to either nginx or PageSpeed. If there are any security vulnerabilities, I'd like the OS to automatically install updates instead of me having to install them. Since the http server is the entry point for web traffic, it's important that it stays up to date.
For the database, I went with PostgreSQL as I had already used Mysql before and wanted to try PostgreSQL. Also, since I plan to use Java and not PHP, Mysql is not a requirement. The Java world, with it's emphasis on abstraction and ORM frameworks, is relatively database agnostic and gives you the freedom to chose your own database. Many PHP applications like Wordpress require Mysql.
Setting up an SFTP jail - you should use Secure FTP and never FTP to transfer files to your VPS. This guide tells you to setup a separate user to do that for security purposes.
That covers the base setup of our VPS. To run Java web applications, we are going to need Java and a web server like Tomcat. I'll cover that in future posts.