-
-
Save knows1/5824cf80a8c47e4845fe78ac10e0558d to your computer and use it in GitHub Desktop.
setting up apache in ubuntu
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <IfModule mod_ssl.c> | |
| <VirtualHost _default_:443> | |
| ServerAdmin admin@example.com | |
| ServerName your_domain.com | |
| ServerAlias www.your_domain.com | |
| DocumentRoot /var/www/html | |
| ErrorLog ${APACHE_LOG_DIR}/error.log | |
| CustomLog ${APACHE_LOG_DIR}/access.log combined | |
| SSLEngine on | |
| SSLCertificateFile /etc/apache2/ssl/apache.crt | |
| SSLCertificateKeyFile /etc/apache2/ssl/apache.key | |
| <FilesMatch "\.(cgi|shtml|phtml|php)$"> | |
| SSLOptions +StdEnvVars | |
| </FilesMatch> | |
| <Directory /usr/lib/cgi-bin> | |
| SSLOptions +StdEnvVars | |
| </Directory> | |
| BrowserMatch "MSIE [2-6]" \ | |
| nokeepalive ssl-unclean-shutdown \ | |
| downgrade-1.0 force-response-1.0 | |
| BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown | |
| </VirtualHost> | |
| </IfModule> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <VirtualHost *:80> | |
| ServerAdmin webmaster@localhost | |
| DocumentRoot /var/www/html | |
| <Directory "/var/www/html"> | |
| AuthType Basic | |
| AuthName "Restricted Content" | |
| AuthUserFile /etc/apache2/.htpasswd | |
| Require valid-user | |
| </Directory> | |
| ErrorLog ${APACHE_LOG_DIR}/error.log | |
| CustomLog ${APACHE_LOG_DIR}/access.log combined | |
| </VirtualHost> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #setting up new admin user | |
| sudo useradd -m admin -G sudo | |
| passwd admin | |
| ##changes shell to bash | |
| sudo chsh -s /bin/bash admin | |
| #copy ~/.ssh/id_rsa.pub to clipboard | |
| #change user | |
| su - admin | |
| #set user permissions | |
| mkdir .ssh | |
| chmod 700 .ssh | |
| nano .ssh/authorized_keys | |
| ##paste id_rsa.pub | |
| chmod 600 .ssh/authorized_keys | |
| ##remove root login | |
| nano /etc/ssh/sshd_config | |
| #change this PermitRootLogin: | |
| PermitRootLogin no | |
| service ssh restart | |
| ##software installs | |
| sudo apt-get update | |
| sudo apt-get upgrade | |
| #setting up mysql, apache, php | |
| sudo apt-get install apache2 apache2-utils php5 mysql-server php5-mysql libapache2-mod-php5 php5-mcrypt | |
| mysql_secure_installation | |
| ##need to uninstall mysql? | |
| sudo apt-get remove --purge mysql-server mysql-client mysql-common | |
| sudo apt-get autoremove | |
| sudo apt-get autoclean | |
| ##firewall | |
| sudo ufw allow ssh | |
| sudo ufw allow 80/tcp | |
| sudo ufw enable | |
| #swap space | |
| sudo fallocate -l 4G /swapfile | |
| sudo chmod 600 /swapfile | |
| sudo mkswap /swapfile | |
| sudo swapon /swapfile | |
| sudo sh -c 'echo "/swapfile none swap sw 0 0" >> /etc/fstab' | |
| ##fail2ban | |
| sudo apt-get update | |
| sudo apt-get install fail2ban | |
| sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local | |
| sudo nano /etc/fail2ban/jail.local | |
| ##virtual host | |
| sudo mkdir -p /var/www/example.com/public_html | |
| sudo chown -R $USER:$USER /var/www/example.com/public_html | |
| sudo nano /var/www/example.com/public_html/index.html | |
| #insert content | |
| #change conf | |
| sudo cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/example.com.conf | |
| sudo nano /etc/apache2/sites-available/example.com.conf | |
| sudo a2ensite example.com.conf | |
| sudo service apache2 restart | |
| ##add auth | |
| sudo htpasswd -c /etc/apache2/.htpasswd taylor | |
| sudo nano /etc/apache2/sites-enabled/amoss.conf | |
| ##ssl | |
| sudo a2enmod ssl | |
| sudo service apache2 restart | |
| sudo mkdir /etc/apache2/ssl | |
| sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/apache2/ssl/apache.key -out /etc/apache2/ssl/apache.crt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment