Server Configuration Documentation

This documentation provides a structured approach to configuring servers for production use.

Initial Server Setup

Update Package Index and Upgrade Packages

# Debian/Ubuntu
apt update && apt upgrade -y

# CentOS/RHEL
yum update -y

Create a Non-Root User with Sudo Access

adduser clouduxe
usermod -aG sudo clouduxe

Tip Always disable direct root access and use a non-root sudo user for daily operations.

SSH Configuration

Configure SSH Access

Log in as root.
Open the SSH configuration file:
```
nano /etc/ssh/sshd_config
```

Apply the following changes:

PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes

Restart the SSH service:
```
systemctl restart ssh
```

Generate and Deploy SSH Keys

On your local machine:

ssh-keygen -t rsa -b 4096
ssh-copy-id user@your-server-ip

Warning Do not disable password authentication until you have successfully set up SSH keys and verified access.

Firewall Configuration

UFW (Ubuntu/Debian)

ufw allow 22
ufw allow 80
ufw allow 443
ufw enable

Firewalld (CentOS/RHEL)

systemctl start firewalld
firewall-cmd --permanent --add-service=ssh
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload

Tip Only open the ports required for your applications. Close everything else by default.

Networking Configuration

View Network Interfaces

ip addr show

Set a Static IP (Netplan - Ubuntu 20.04+)

Edit configuration:

nano /etc/netplan/01-netcfg.yaml

Example:

network:
  version: 2
  ethernets:
    eth0:
      dhcp4: no
      addresses:
        - 192.168.1.100/24
      gateway4: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8, 1.1.1.1]

Apply changes:

netplan apply

Software Installation

Web Server (Nginx Example)

apt install nginx -y
systemctl enable nginx
systemctl start nginx

Database Server (MySQL Example)

apt install mysql-server -y
mysql_secure_installation

Application Runtime (Node.js Example)

curl -sL https://deb.nodesource.com/setup_18.x | bash -
apt install -y nodejs

System Optimization

Enable Swap (if needed)

fallocate -l 2G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
echo '/swapfile none swap sw 0 0' >> /etc/fstab

Configure Automatic Updates

apt install unattended-upgrades -y
dpkg-reconfigure unattended-upgrades

Tune Kernel Parameters

Edit sysctl:

nano /etc/sysctl.conf

Recommended settings:

net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_max_syn_backlog = 2048
net.ipv4.tcp_fin_timeout = 15

Apply changes:

sysctl -p

Logging and Monitoring

Enable System Logs

journalctl -xe

Install Monitoring Tools

apt install htop iftop iotop -y

Tip Clouduxe integrates Prometheus + Grafana for advanced monitoring and alerting.

Backup Configuration

Manual Backup

tar -czvf backup-$(date +%F).tar.gz /var/www/html

Automated Backup (Cron Example)

Edit crontab:

crontab -e

Add job:

0 2 * * * tar -czvf /backups/backup-$(date +\%F).tar.gz /var/www/html

Warning Always test your restore process. A backup is useless unless it can be restored successfully.

Final Checklist

Conclusion

Proper server configuration is critical for performance, security, and reliability. At Clouduxe, we provide pre-configured and hardened servers out-of-the-box, ensuring your applications are deployed on a secure and optimized infrastructure from day one.

PreviousVPS Server Administration Guide NextServer Backup and Recovery Tutorial

Last updated 4 months ago

hashtagInitial Server Setup

hashtagUpdate Package Index and Upgrade Packages

hashtagCreate a Non-Root User with Sudo Access

hashtagSSH Configuration

hashtagConfigure SSH Access

hashtagGenerate and Deploy SSH Keys

hashtagFirewall Configuration

hashtagUFW (Ubuntu/Debian)

hashtagFirewalld (CentOS/RHEL)

hashtagNetworking Configuration

hashtagView Network Interfaces

hashtagSet a Static IP (Netplan - Ubuntu 20.04+)

hashtagSoftware Installation

hashtagWeb Server (Nginx Example)

hashtagDatabase Server (MySQL Example)

hashtagApplication Runtime (Node.js Example)

hashtagSystem Optimization

hashtagEnable Swap (if needed)

hashtagConfigure Automatic Updates

hashtagTune Kernel Parameters

hashtagLogging and Monitoring

hashtagEnable System Logs

hashtagInstall Monitoring Tools

hashtagBackup Configuration

hashtagManual Backup

hashtagAutomated Backup (Cron Example)

hashtagFinal Checklist

hashtagConclusion