Create a new virtual host:
Copy Code
cd /etc/httpd/conf.d/
touch mysite.conf
nano mysite.conf
Paste the following code into mysite.conf:
Copy Code
<VirtualHost *:80>
ServerAdmin webmaster@mysite.com
DocumentRoot /var/www/html/mysite
ServerName mysite.com
ServerAlias You do not have permission to view the full content of this post.Log in or register now.
ErrorLog logs/mysite_error_log
CustomLog logs/mysite_access_log common
</VirtualHost>
Save the file.
Create a directory for your website:
Copy Code
mkdir /var/www/html/mysite
chown -R apache:apache /var/www/html/mysite
That's it! You now have a basic CentOS 7 VPS with a web server, PHP, MySQL/MariaDB, and a firewall set up. You can customize this script to fit your specific needs.
This will help protect your VPS from brute force attacks by banning IP addresses that repeatedly fail authentication.
Secure SSH:
Edit the /etc/ssh/sshd_config file and make the following changes:
Copy Code
PermitRootLogin no
PasswordAuthentication no
AllowUsers myusername
Replace myusername with your actual username. Save the file and restart SSH:
Copy Code
systemctl restart sshd
This will disable root login and password authentication, and only allow access for the specified user.
Set up a swap file:
If your VPS has limited RAM, setting up a swap file can help improve performance. Here's how to create a 1GB swap file:
Copy Code
fallocate -l 1G /swapfile
chmod 600 /swapfile
mkswap /swapfile
swapon /swapfile
echo "/swapfile none swap sw 0 0" >> /etc/fstab
This will create a swap file, set the appropriate permissions, and add it to /etc/fstab so it will be automatically enabled on boot.
Install and configure Nginx as a reverse proxy:
If you want to improve the performance of your web server, you can install Nginx and use it as a reverse proxy. Here's how:
Copy Code
yum install nginx
systemctl enable nginx
systemctl start nginx
Edit the /etc/nginx/nginx.conf file and add the following inside the http block:
Copy Code
server {
listen 80;
server_name mysite.com;
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Replace mysite.com with your actual domain name. This will forward requests to port 80 to port 8080, where Apache is listening.
Set up SSL/TLS encryption:
If you want to secure your website with HTTPS, you'll need to install an SSL/TLS certificate. You can get a free Let's Encrypt certificate and set it up using Certbot:
Copy Code
yum install certbot python2-certbot-apache
certbot --apache -d mysite.com
Follow the prompts to configure your certificate. Once done, you can edit your virtual host file (/etc/httpd/conf.d/mysite.conf) and add the following lines to redirect HTTP traffic to HTTPS:
Copy Code
<VirtualHost *:80>
ServerName mysite.com
Redirect permanent / You do not have permission to view the full content of this post.Log in or register now.
</VirtualHost>
Monitor your VPS:
Install a monitoring tool like netdata or Monit to keep track of your VPS's performance and receive alerts in case of issues.
I hope these additional steps help you further optimize and secure your CentOS 7 VPS!