Please may you help me to setup the VPS

**w7u64xi7** · February 5th, 2012, 09:27

I am new to Linux so I do not have any special preferences.
Yes I have a root access and the VPS is un managed.
I am newbie to the Linux world.
I will have a new website or maybe 3.
I've found that un managed costs vary a lot, as I've found various ways for settings ... some using Xen, others using OpenVZ, and other using Virtuozzo and I found that it all vary regarding Ram allocations for each VPS.
Also afraid to stuck with some over sell VPS as I had it before with shared hosting.
For un managed hosting VPS will it be easy to secure the server from being hacked? or it is an impossible job for a newbie guy like me?
Also for later on regarding updates or patching ... will it be good as well or not?
Finally I've found most people using Ubuntu server LTS, so do you advise of using it or any other distribution?
I've read a lot of reviews that most are advising for using CentOS or Debian, but I've found the majority are already using Ubuntu server.
Thanks and too much appreciated your time reading and value your inputs.

Note:
After a lot of reading I've found that the steps should be as follow: (the funny thing that I've read and know what I should do but each time I am trying to run a command using PUTTY I get an error)
- change root password to a secure one.
- create another user with admin access with a strong password as well.
- disable root remotely access.
- use secure connection to the VPS by using PUTTY key instead of username and password login .
- change the port to a high one with unusual figure like 26127 or any else
- disable ftp and use another secure one.
- install a fire wall, CSF firewall and Mod_security or anything else equal or more.
- keep the whole thing up-to-date.
- secure the whole VPS as much as possible.
- finally use a trusted script on the website and his why I will use Drupal (mostly the core ones and nothing else without any modules).

This is what I've got so far from reading many tutorials and still get a lot of errors when I follow them (howtoforge.com) is one of the famous websites I've visited.

Sorry for being long ... But I am really hope if you here be able to help or guide me.

- Late Edit -
I've forget to mention that some steps I've forget to mention are:
- using back ed control panel (like ISP config, VirtualMin) is facilitating the task but make VPS less secure, so using the command .

really hope if someone interested to help me.

**wswd** · February 6th, 2012, 00:53

The security steps you list are pretty good. I would highly recommend a managed VPS if you don't know what you're doing and the sites are mission critical. If you're just using the VPS to play around and learn linux, that's fine.

One more option which you may not have thought of, would be to get an outside management company to set up and "harden" the VPS for you initially. Most will do it within an hour or two, and shouldn't charge you much more than a one-time $20 or $30 fee. Then you know everything is set up correctly.

You can also opt for a control panel. There are some free ones out there (webmin and kloxo come to mind) and paid ones like DirectAdmin and cPanel. All will make managing the server and setting up your websites a lot easier.

As far as the oversold VPS, if you're paying shared hosting prices for your VPS, chances are it's oversold. Dedicated resources are expensive. Just as an easy example, let's say the provider has a VPS server with 16GB of RAM, and pays about $300/mo. Just the provider's cost is $18.75/GB of RAM. You could expect to pay anywhere from $21-22 or so and up for a 1GB VPS server...about $10 for a 512mb server, and $5 for a 256mb server. Just an example.

OpenVZ is almost guaranteed to be oversold, as is Virtuozzo. Without getting too complicated, Xen RAM can be overcommitted (though it causes all sorts of issues, and isn't quite the same as overselling), and disk space cannot be oversold. The only thing that can truly be oversold is CPU and bandwidth. Chances are that if you go with a Xen VPS, you will be getting completely dedicated resources. Of course, you're going to pay for those resources. You aren't going to find a Xen VPS with 1GB of RAM for $5 or $10, unless it's a special and the provider is using it as a loss-leader to rope you in.

**w7u64xi7** · February 6th, 2012, 01:08

So far I've 3 web hosting accounts from:
- Linode (un managed) = 512 plan Xen
- BuyVM (un managed) = the highest plan OpenVZ
- KnownHost (managed) = Virtuzzo

My website expected to have a high volume of traffics as it is providing an educational stuffs for free.

I am really do not know which one I should continue with for the long run.

But honestly I found it amazing to find everything be done within minutes with knownhost.

But also find it very interested to do everything with my hand but it is a very very hard learning curve.

Also when I asked linode support to setup the vps and secure it, the support told me it is to be with 100 usd.

One more option which you may not have thought of, would be to get an outside management company to set up and "harden" the VPS for you initially. Most will do it within an hour or two, and shouldn't charge you much more than a one-time $20 or $30 fee. Then you know everything is set up correctly.

Which websites offering such services?

Finally ... what is your advise for the long run for me?

**wswd** · February 6th, 2012, 01:32

All 3 of those companies are very good. They generally have fairly good reputations in the industry.

Our company hosted our emergency support site with Knownhost for 5 or 6 years (on one of their small 768mb RAM VPS, which they no longer offer), and were very satisfied. Of course, we didn't utilize their management services at all, so I can't really speak for that, but their servers and network were generally very good.

I'd put them in order as:

1) Knownhost
2) Linode
3) BuyVM

If you can afford to go with Knownhost (they usually run some decent promotions), I would go with them. That way, you can try to do things on your server yourself, to learn, and if you mess something up or need some additional assistance, their managed support is always there.

Which websites offering such services?

There are 2 companies we recommend to our clients. http://www.xieles.com/buy-hourly-administration.html is the first. They normally do a very good job, and do it fairly quickly. Their prices are reasonable, and their techs. are knowledgeable. http://www.platinumservermanagement.com is the second, however they DO NOT offer server management or do anything server related unless you have cPanel. That's one of their major limitations. Xieles will do work on a standard linux box.

**w7u64xi7** · February 6th, 2012, 01:59

I am on VS2 with knownhost and I am using the promotion code for 15% discount for lifetime.

Honestly I am very interested to learn, and was thinking about a way to have a one-to-one course or training to understand how to do the full job from zero to hero.

The main point of learning is to manage the server later on in my own so I can pay less, for example I am paying about 34 usd for knownhost for the time being, so later on if I know how to manage things in my own I can get a better hardware VPS with the same money and go in my own.

But I understand that experience equal time and money so I am trying to start correctly the right way. And this is why I am here. Also if I want to really learn, how to do it the right way!?

So you think I should drop it and stick to KnownHost? and my interest to learn is not that important for the live website operations?

**wswd** · February 7th, 2012, 02:47

If you can afford it, I would stay with Knownhost for a while, until you learn what you are doing. That way if you mess something up, you will have them to fix things for you. Once you know what you're doing and feel comfortable managing your own linux box, you can go to an unmanaged provider and save some money.