# Server Configuration Documentation ### Initial Server Setup #### Update Package Index and Upgrade Packages ```bash # Debian/Ubuntu apt update && apt upgrade -y # CentOS/RHEL yum update -y ``` #### Create a Non-Root User with Sudo Access ```bash adduser clouduxe usermod -aG sudo clouduxe ``` > **Tip**\ > Always disable direct root access and use a non-root sudo user for daily operations. ### SSH Configuration #### Configure SSH Access 1. Log in as root. 2. Open the SSH configuration file: ```bash nano /etc/ssh/sshd_config ``` 3. Apply the following changes: ``` PermitRootLogin no PasswordAuthentication no PubkeyAuthentication yes ``` 4. Restart the SSH service: ```bash systemctl restart ssh ``` #### Generate and Deploy SSH Keys On your local machine: ```bash ssh-keygen -t rsa -b 4096 ssh-copy-id user@your-server-ip ``` > **Warning**\ > Do not disable password authentication until you have successfully set up SSH keys and verified access. *** ### Firewall Configuration #### UFW (Ubuntu/Debian) ```bash ufw allow 22 ufw allow 80 ufw allow 443 ufw enable ``` #### Firewalld (CentOS/RHEL) ```bash systemctl start firewalld firewall-cmd --permanent --add-service=ssh firewall-cmd --permanent --add-service=http firewall-cmd --permanent --add-service=https firewall-cmd --reload ``` > **Tip**\ > Only open the ports required for your applications. Close everything else by default. *** ### Networking Configuration #### View Network Interfaces ```bash ip addr show ``` #### Set a Static IP (Netplan - Ubuntu 20.04+) Edit configuration: ```bash nano /etc/netplan/01-netcfg.yaml ``` Example: ```yaml network: version: 2 ethernets: eth0: dhcp4: no addresses: - 192.168.1.100/24 gateway4: 192.168.1.1 nameservers: addresses: [8.8.8.8, 1.1.1.1] ``` Apply changes: ```bash netplan apply ``` *** ### Software Installation #### Web Server (Nginx Example) ```bash apt install nginx -y systemctl enable nginx systemctl start nginx ``` #### Database Server (MySQL Example) ```bash apt install mysql-server -y mysql_secure_installation ``` #### Application Runtime (Node.js Example) ```bash curl -sL https://deb.nodesource.com/setup_18.x | bash - apt install -y nodejs ``` *** ### System Optimization #### Enable Swap (if needed) ```bash fallocate -l 2G /swapfile chmod 600 /swapfile mkswap /swapfile swapon /swapfile echo '/swapfile none swap sw 0 0' >> /etc/fstab ``` #### Configure Automatic Updates ```bash apt install unattended-upgrades -y dpkg-reconfigure unattended-upgrades ``` #### Tune Kernel Parameters Edit sysctl: ```bash nano /etc/sysctl.conf ``` Recommended settings: ``` net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_max_syn_backlog = 2048 net.ipv4.tcp_fin_timeout = 15 ``` Apply changes: ```bash sysctl -p ``` *** ### Logging and Monitoring #### Enable System Logs ```bash journalctl -xe ``` #### Install Monitoring Tools ```bash apt install htop iftop iotop -y ``` > **Tip**\ > Clouduxe integrates **Prometheus + Grafana** for advanced monitoring and alerting. *** ### Backup Configuration #### Manual Backup ```bash tar -czvf backup-$(date +%F).tar.gz /var/www/html ``` #### Automated Backup (Cron Example) Edit crontab: ```bash crontab -e ``` Add job: ``` 0 2 * * * tar -czvf /backups/backup-$(date +\%F).tar.gz /var/www/html ``` > **Warning**\ > Always test your restore process. A backup is useless unless it can be restored successfully. *** ### Final Checklist * [x] Updated system packages * [x] Created non-root sudo user * [x] Secured SSH access * [x] Configured firewall rules * [x] Set up networking * [x] Installed required software * [x] Optimized system performance * [x] Configured monitoring and logging * [x] Scheduled backups *** ### Conclusion Proper server configuration is critical for performance, security, and reliability.\ At **Clouduxe**, we provide pre-configured and hardened servers out-of-the-box, ensuring your applications are deployed on a **secure and optimized infrastructure** from day one. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.clouduxe.com/vps-and-dedicated-servers/server-configuration-documentation.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.