Configure VPS with details & LAMP

Essentials: Initial setup of Ubuntu 22.04
Install LetsEncrypt Free SSL: LE on ubuntu 24
– for apache
– for-nginx
– (if different ports needed: here or here)
Fail2ban: sudo apt-get install fail2ban
Disable journal logs:
Sometimes, if your VPS has problems, journal logs could occupy whole disk space (95%+).
– journalctl --vacuum-size=100M
– sudo sed -i 's/#SystemMaxUse=/SystemMaxUse=100M/' /etc/systemd/journald.conf
[ To clear existing cache: (sudo find /var/log/journal -name "*.journal" | xargs sudo rm) && (sudo systemctl restart systemd-journald); others: se.com/how-to-clear-journalctl ]
Change default SSH port:
It’s not requirement, but good thing to change from default 22 to your desired, i.e. 12345:
– desired_ssh_port=12345
– sudo ufw allow $desired_ssh_port/tcp
– cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup
– sed -i "s/#Port 22/Port $desired_ssh_port/" /etc/ssh/sshd_config
– sudo systemctl disable ssh.socket && sudo systemctl stop ssh.socket && sudo systemctl restart ssh && sudo systemctl enable ssh.socket
– sudo ufw reload
( in rare cases, you might also need to amend: /etc/apache/sites-enabled && /etc/apache2/ports.conf )
Docker:
– install docker or here (only if you know docker and want to use it)

NodeJS:

wget -q -O- https://raw.githubusercontent.com/nvm-sh/nvm/master/install.sh | bash
. ~/.bashrc
nvm install node

PM2: npm install pm2 -g && pm2 update
Misc:
– set start dir: echo "cd /var/www/mydir/" >> ~/.bashrc– aliases: echo "alias dcd='docker compose down'" >> ~/.bash_aliases && echo "alias dcu='docker compose up'" >> ~/.bash_aliases && source ~/.bashrc
Firewall:
– firewall-on-ubuntu
– configure-firewall-and-change-ssh-port.md
– firewalld instead of ufw (when you use docker!)
Simple Disk usage:
– sudo apt install ncdu and anytime just run ncdu
Set correct permissions for multiple users
– to rewrite privileges after uploading files automatically:
*/10 * * * * sudo chown -R www-data:www-data /var/www
Increase timeout for SSH client (instead of default 10):
– nano /etc/ssh/sshd_config –>set ClientAliveInterval 60 and ClientAliveCountMax 5
Find file: find . -type f -name "*John*"
Add user through SSh
Auto- Restart stopped-service : Github repo
Restrict port to specific IP:
sudo iptables -A INPUT -p tcp -s YOURRRRRRR_IPPPPPPPPPPP -j ACCEPT
sudo ufw allow from 123.123.123.123 to any port 22 proto tcp
Monitor files/folders changes :
inotify-hookable -w path_to_plugin -c "COMMAND_TO_EXECUTE" (i.e. "docker container restart CONTAINER_NAME")
Download & unpack file:
wget --no-check-certificate --content-disposition https://codeload.github.com/USER/REPONAME/zip/refs/heads/master -O temp.zip && unzip -o temp.zip -d /var/www/path/folder

LAMP (APACHE & MYSQL & PHP):
Now, instead of the combined articles (i.e. install-lamp-1 or install-lamp-2 ) I advise more specific oriented articles:
– install apache
– install mysql
– install php: 1) Install phpbrew 2) try blog/docker-php-8-zts-apache-swoole-parallel & gmp install 3) might need to add AddType application/x-httpd-php .php in /etc/apache2/mods-available/php.load
WordPress (with mysql):
– ubuntu tutorial
– do.com/wordpress-on-ubuntu

[PHP]:
– Install Redis Cache
– Install MBstring : sudo apt-get install php-mbstring php8.1-mbstring php-gettext libapache2-mod-php8.1
Install & Configure mail: article1 | article2

Add/Create user:

CREATE USER 'myuser1'@'192.168.1.123' IDENTIFIED BY 'password123';
GRANT ALL PRIVILEGES ON dbnamee.* TO 'myuser1'@'192.168.1.123';
FLUSH Privileges;

reset root pass;
user password change :
ALTER USER 'root'@'localhost' IDENTIFIED BY 'xxxxxxxxx';

disable mysql-logs : se.com/delete-mysql-bin-files & se.com/disable-mysql-logging

/etc/mysql/my.cnf - >
[mysqld]
max_allowed_packet = 512M
skip-log-bin
binlog_expire_logs_seconds=1600

In mysql:

SHOW VARIABLES LIKE 'max_allowed_packet';
SET @@global.max_allowed_packet = 16777215;
SHOW VARIABLES LIKE 'max_allowed_packet';