About your new CentOS 6 Cloud VPS
Posted by Helpdesk Admin on 19 June 2013 04:49 PM
|
|
The following article contains information on your new CentOS 6 Cloud VPS including some common tasks you may wish to undertake. Note that Cloud VPS is a self-managed service so you are responsible for installation and configuration of all required applications etc on your server. Where you need additional assistance managing your VPS, our professional services team can handle these for you on a case-by-case basis as a paid service, please contact your account manager for additional information. Installing or Updating Packages on your CentOS VPSThe main way to install your own versions of packages such as PHP, MySQL, Apache etc on your VPS is to use the “yum” program. Yum is usually installed by default on your Centos 6 Cloud VPS. The following link contains information on using yum: http://www.centos.org/docs/5/html/yum/Important: You must *not* ever remove or update the kernel as this is tied to the virtualization system. Updates to VPS core files (operating system) should be performed periodically. This can be done two ways. From the command line (SSH shell) you can issue the command "yum update". Or you can use the "Update OS" button on the Irish Domains control panel on the "VPS Management" page. Default versions of common packages (as of June 2013) Note: The default version of various applications on your VPS may appear older than that used by some developers. This is because CentOS 6 is an Enterprise Linux system and is designed for maximum stability rather than having the latest version of every application. Please note that even though your VPS may contain older major versions of applications such as PHP, these are regularly updated with back-ported security updates so are safe to use. PHP5.3.3 Apache 2.2.15 Perl 5.8.5 MySQL 5.1.69 APC 3.1.9 Vsftpd 2.2.2 Useful file locations Log files: /var/log Default website location: /var/www/html MySQL Working Directory: /var/lib/mysql MySQL Configuration: /etc/my.cnf Apache Configuration: /etc/httpd/conf/httpd.conf & /etc/httpd/conf.d PHP Configuration: /etc/php.ini & /etc/php.d FTP Configuration: /etc/vsftpd/vsftpd.conf & /etc/vsftpd/user_list Enabling MySQL By default, MySQL is not set running on your VPS. It is quite simple to enable MySQL on your VPS, however there are certain tasks you must do in order to ensure your database is secure. To enable MySQL, proceed as follows: 1) Disable TCP/IP networking for MySQL. Most applications will use a local socket connection to mysql and do not require network access. Disabling networking allows almost all applications to run normally, but makes it impossible for anyone to connect to your MySQL from outside. To disable MySQL network connections you need to edit the MySQL configuration file /etc/my.cnf as follows vim /etc/my.cnf Move the cursor to the second line (underneath [mysqld]) 2) Start the MySQL service, and configure it to start on every boot. Enter the following commands: service mysqld start 3) At this point, MySQL should be running but with no databases, and no root password (not very secure). To set the password, enter the following command (where “xxxxyyyy” is your desired password): mysqladmin -u root password xxxxyyyyNo 4) Now MySQL is running more securely. To use it, we should create a new database “mynewdb” and a user “mynewuser” with access to that database only (best practice). We’ll use the mysql command line tool to execute the remaining commands (at the mysql> prompt) : mysql –p –u root [you will need to enter the password set above] You should now be able to connect to this database using the hostname: localhost, the database name: MyNewDB, and the user details: MyNewUSER/MyNewPWD Installing an FTP server In many cases, FTP is not required as more secure transfers may be effected using SCP (via free application WinSCP) or other methods. However, the following instructions show how configure vsftpd to allow one user access to the default website root location only: 1) The popular vsftpd program is usually included with CentOS 6. Edit the file /etc/vsftpd/vsftpd.conf and ensure the following directives are set as shown: anonymous_enable=NO 3) Edit the list of allowed users in /etc/vsftpd/user_list … remove all users and insert only the name of the user we are about to create (say “siteUSER”) 4) Create the new user (non-login) "siteUSER" and make their home directory the same as the web root (or specific site you want them restricted to): useradd -d /var/www/html -M -s /sbin/nologin siteUSER 5) Set a password for the user (you will be prompted to enter the password twice): passwd siteUSER 6) Start up the FTP service: service vsftpd start At this point, FTP service is running and the new user should be able to log in. Note that we have not configured the FTP service to start automatically on boot. For security, we recommend that FTP service is *not*left running and is only started before uploading files, and stopped again afterwards using “service vsftpd stop”. If you need the service running automatically on boot, enable this with the command “chkconfig vsftpd on”. If there is an existing website present at /var/www/html, you may wish to consider changing ownership all files in that directory to user "siteUSER" and group "siteUSER" so that the FTP user can overwrite & modify files there. Installing Mcrypt for PHP The php-mcrypt extension is not part of the CentOS 6 distribution and is therefore not installed by default. Some open-source applications (most notably Magento) require php-mcrypt. If you are running such an application, then you should manually install this from a third party repository such as EPEL. You can do this from the VPS command line via SSH as outlined below: 1) Enable EPEL Repository - please note the URL may change with version so check on the site for the latest version (for EL6). rpm -Uvh http://ftp.heanet.ie/pub/fedora/epel/6/i386/epel-release-6-8.noarch.rpm 2) Install the extension: yum install php-mcrypt 3) If you are running PHP as an apache module (not recommended) then restart it service httpd restart | |
|