When venturing into the realm of website management, some users find shared hosting adequate, while others opt for the control of a Virtual Private Server (VPS). This guide will not only walk you through setting up a secure web server using Apache on Ubuntu 16.04 but also provides insights on hardening your Ubuntu server for enhanced security. Let’s dive into the details.
Setting Up a Secure Web Server on Ubuntu 16.04: Installing Apache
Begin by logging into your VPS using SSH, a crucial step for server management. Update sources and existing packages with the commands:
apt-get update && apt-get upgrade
Install Apache with:
apt-get install apache2
Now you have a functional web server on your VPS.
Unlock the power of PHP strings.
Configuring Let’s Encrypt
With Apache running, securing your website with an SSL certificate becomes paramount. Install Git using:
apt-get install git
Clone Let’s Encrypt repository and navigate to it:
git clone https://github.com/letsencrypt/letsencrypt && cd letsencrypt
Execute the command to obtain a free SSL certificate:
./letsencrypt-auto --apache --renew-by-default -d domain.com -d www.domain.com
Replace “domain.com” with your actual domain. Follow the prompts to complete the setup.
Simplify Linux by learning the step-by-step process to remove .php extensions from your system.
Enabling .htaccess Files
To use .htaccess files, edit the Apache configuration file:
cd && cd /etc/apache2 && nano apache2.conf
Change the relevant “AllowOverride” lines to:
cd && cd /etc/apache2 && nano apache2.conf
Save the changes, then enable Apache mod_rewrite and restart Apache:
a2enmod rewrite && apachectl restart
Create your .htaccess file in the web server’s root directory:
cd && cd /var/www/html && nano .htaccess
Harden Ubuntu Server 16.04: Strengthening Server Security
Beyond setting up the web server, fortify your Ubuntu server’s security. Regularly update your system with:
apt-get update && apt-get upgrade
Updating System
Keeping your server’s software up-to-date is crucial. Schedule regular updates using:
apt-get update && apt-get upgrade
Configuring Firewall
Enhance security by configuring the firewall. Use Uncomplicated Firewall (UFW) for simplicity:
apt-get install ufw
ufw allow ssh
ufw enable
Conclusion
With the diligent application of these security measures, you not only fortify your Ubuntu Server 16.04 but also gain the confidence to navigate the intricate landscape of web infrastructure security. Stay vigilant, stay secure!