must install ssh, telnet not secure even password ================================================= ssh -l root 99.999.999.99 install fail2ban ================== sudo apt install fail2ban systemctl status fail2ban.service sudo systemctl enable fail2ban sudo systemctl start fail2ban sudo systemctl status fail2ban automatically upgrade debian linux =================================== sudo apt-get install unattended-upgrades apt-listchanges sudo apt-get install unattended-upgrades sudo dpkg-reconfigure -plow unattended-upgrades Install nginx ============= sudo apt-get install nginx -y sudo systemctl start nginx sudo systemctl enable nginx cat /etc/nginx/sites-enabled/default cat /etc/nginx/sites-available/default certbot ssl ============ sudo apt install snapd sudo snap install core sudo snap refresh core sudo snap install --classic certbot sudo ln -s /snap/bin/certbot /usr/bin/certbot sudo certbot --nginx --agree-tos --redirect --email root@xxx.ca -d xxx.ca -d www.xxx.ca upload files for static website ================================ /var/www/html run process in background without hangingup or killing on exit =============================================================== nohup bash-command & to make it dynamic install php ================================= sudo apt-get install php8.2-sqlite3 sudo apt-get install php php-fpm php-curl php-cli php-zip php-mysql php-xml -y php -v sudo systemctl status php7.4-fpm or php8.2-fpm sudo nano /etc/nginx/sites-available/default add index.php to index section in both 80/443 places otherwise will have 403 forbidden error uncomment php section and apache section, leave the 9000 port section commented must uncomment in both http 80 and https section 443 index index.html index.htm index.nginx-debian.html index.php; server_name xxx.ca www.xxx.ca; # managed by Certbot location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass PHP scripts to FastCGI server # location ~ \.php$ { include snippets/fastcgi-php.conf; # # # With php-fpm (or other unix sockets): fastcgi_pass unix:/run/php/php8.2-fpm.sock; # # With php-cgi (or other tcp sockets): # fastcgi_pass 127.0.0.1:9000; } nginx -t sudo service nginx reload sudo chmod -R 755 /var/www/html echo "" >> /var/www/html/info.php test but delete phpinfo file afterwards, since security risk ls -la to see if have x for info.php chmod 755 info.php or recursively sudo chmod -R 755 /var/www/html 4=read 2=write 1=execute echo -e "User-agent: *\nAllow: /" > robots.txt sudo chmod -R 755 /var/www/html sudo systemctl restart nginx log files are at cat /var/log/nginx/error.log.1 access.log and sqlite3 database ================== sudo apt-get install sqlite3 sudo apt-get install php8.2-sqlite3 sqlite3 data.db "CREATE TABLE posts ( id INTEGER PRIMARY KEY AUTOINCREMENT, hash_name TEXT, ip_address TEXT, parent_id INTEGER, text TEXT NOT NULL, date_posted DATETIME DEFAULT CURRENT_TIMESTAMP, isSpam INTEGER DEFAULT 0 );" sqlite3 data.db .schema .exit sudo chmod -R 755 /var/www/html database might not write need to give ownership over the database to nginx php otherwise database will not write see user sudo ps aux | grep nginx or php should be both www-data sudo chown www-data:www-data /var/www/html/ sudo chown www-data:www-data /var/www/html/data.db both owner of folder and fille required to write to database rotate logs ============ sudo apt-get install logrotate turn off nginx logs ===================== nano /etc/nginx/nginx.conf add in the http area error_log /dev/null crit; access_log off; copy directory over ssh ======================= scp -r /home/to/local/source user@ssh.example.com:/home/to/remote/destination download directory over ssh =========================== scp -r user@ssh.example.com:/home/to/remote/source /path/to/local/destination logout ======= logout