Hi guys.I know that many of you have gotten yourself a free VPS from host1free.com.But remember to not let it stay inactivity as it will cause your account to be suspended.
Below is a guide I found from their forum on hosting a simple SSL-encrypted site free of charge.
Note if you want a free SSL go here startssl.com
Section A - Connecting to your VPS, running updates, and installing Webmin
1. Log into your VPS Control panel and make sure your server is online.
2. Reset your 'Root Password' and 'Console Password' to a password of your choosing.
2b. (optional) If you haven't already, setup your hostname as vps.yourdomain.com.
3. Using your DNS management console (such as ClouDNS), you want to setup an A record for yourdomain.com to point to your VPS IP and then CNAME www.yourdomain.com to yourdomain.com.
3b. (optional) Setup the appropriate CNAME record pointing vps.yourdomain.com to yourdomain.com.
4. Use an SSH client, such as Putty, to connect to the IP address that is assigned to your VPS on port 22. If you setup the above records in DNS, then you should be able to access your VPS via your hostnames that you created earlier. If you are prompted to accept a fingerprint / encryption key, pick yes.
5. The username appears to be 'root' (without quotes), and the password will be whatever you setup earlier.
6. Now type 'yum update' and choose yes to the download / update prompts. Then type 'yum install policycoreutils'. This installs various tools, such as commands for managing your iptables (firewall).
7. Now it's time to install a control panel. I'm using webmin. Type the following lines into your shell prompt.
Code:
cat > /etc/yum.repos.d/webmin.repo << EOF
[Webmin]
name=Webmin Distribution Neutral
#baseurl=http://download.webmin.com/download/yum
mirrorlist=http://download.webmin.com/download/yum/mirrorlist
enabled=1
EOF
rpm --import http://www.webmin.com/jcameron-key.asc
yum install webmin
8. You can now log into webmin by putting the IP of your vps into your browser. After the ip, put in :10000 which means you are connecting on port 10,000. The username / password is the same as step 4. (Example http://1.2.3.4:10000)
Section B - Secure access to webmin and have it load on-demand
Currently webmin runs in the background all the time. What this means is that the server is always using up part of your available memory (~17MB usage). By changing the server to run on-demand, the server will only run when you need to access it and free up the memory it uses when you are not using it.
1. You want to make sure you are logged into your VPS via SSH. Stop webmin with the command /etc/webmin/stop
2. You want to open up the file /etc/webmin/miniserv.conf and comment out the line that says session=1. Then you want to add the line inetd=1 and save the file.
3. Create a new file in the directory /etc/xinetd.d/ called webmin. Add the following lines into the file and save it...
Code:
service webmin
{
user = root
env = LANG=
port = 10000
socket_type = stream
protocol = tcp
wait = no
disable = no
type = UNLISTED
server = /usr/libexec/webmin/miniserv.pl
server_args = /etc/webmin/miniserv.conf
}
3b. (optional) If you wish to restrict webmin access to a an IP address / IP range, then add the following line into the webmin file created above and save it...
Code:
only_from = IP address or IP range. (Example. 1.2.3.4 or 1.2.0.0/16)
4. Now you will need to restart xinetd to have the settings take effect. Issue the command /etc/rc.d/init.d/xinetd restart. You should still be able to access webmin on port 10000 as normal.
5. Once in webmin, click on the 'system' link in the upper left, then click 'boot up and shut down'. Checkmark 'webmin' from within the list, and click on 'Disable now and on boot'. This will stop the webmin server from automatically loading when the server boots up.
5b. (optional) If you also want to setup the same IP restriction within webmin itself, as we did in the webmin file, here's how. Click 'webmin', then 'webmin configuration', then 'ip access control'. Mark it for 'only allow from listed addresses' and put in the IP information below. Then click on save.
6. From 'webmin configuration', click on 'ports and addresses'. Where it mentions 'web server hostname', put in your vps hostname (example: vps.yourdomain.com). Then click on save.
7. To enable SSL within webmin, click on 'SSL Encryption' within the 'webmin configuration' page. The page should mention needing the Net::SSLeay Perl module installed to use SSL. Click on the link to install the module. Once that is done, enable SSL within the 'SSL Encryption' page if it is not already on. The server will now only connect over HTTPS and currently uses a self-signed SSL certificate. You can upload your own SSL Cert at anytime.
Section C - Configuring apache to host a simple website
By default, apache is setup to send HTTP responses to any domain that is pointed to your VPS IP address. To verify that apache is working at this time, put your VPS IP / hostname into your browser. You should see an apache test page.
To stop apache from responding to any domain request that someone points to your VPS IP, we will setup apache to only respond to HTTP requests on your domain. We do this by configuring a few virtual servers within the apache config file. We will also be installing SSL and PHP support.
1. From webmin, go into the 'Servers' section, and click on 'Apache Webserver'. In the upper-right, click on 'Stop Apache'. If you are logged into your VPS via SSH, instead type service httpd stop. No need in having apache running until we upload some content to it.
2. Log into your VPS via SSH and type yum install mod_ssl. This will download and install the module(s) needed to provide HTTPS support.
3. Now type yum install php. This will download and install the module(s) needed for PHP support.
4. Within webmin, while still in the 'Apache Webserver' area, click on 'Global Configuration'. Then click on 'Edit Config Files'. We will be setting up apache to not give out unnecessary information about your VPS and also configure the virtual servers.
5. The initial file to open should be httpd.conf. Under section 1, look for the line that says 'ServerTokens OS' and change it to 'ServerTokens ProductOnly'.
6. A bit further down in the config file, looks for 'ServerSignature On' and change to 'ServerSignature Off'. This will prevent apache from showing your server info on any type of error-related pages.
7. Now scroll down to the bottom of the httpd.conf file. Add the following lines, which are needed for setting up our virtual hosts. This part configures apache to send a 403 error to any domain request that comes in, which you don't setup an explicit entry for. After entering the lines, click the save button at the bottom.
Code:
NameVirtualHost VPS-IP-ADDRESS:80
NameVirtualHost VPS-IP-ADDRESS:443
<VirtualHost VPS-IP-ADDRESS:80>
</VirtualHost>
8. On the 'apache webserver' page, click on 'Create Virtual Host'. You want to mark 'specify ip address' and put in your VPS IP. Make sure port is set for 80. Root document will be /var/www/yourdomain.com/ (we will create the actual folder later). Uncheck 'allow access to this directory' to prevent directory indexing. Set server name as www.yourdomain.com. Then click on 'Create Now'.
8b. (optional) If you want to setup HTTPS, create another virtual host with the same information but using port 443.
9. Click on the new virtual server that shows up for your domain for port 80, then click on 'networking & addresses'. Where it says 'alternate virtual server names', put in yourdomain.com. Now click on save.
9b. (optional) If you did step 8b, then follow step 9 for the virtual domain you setup with port 443.
10. Click on 'refresh modules' on the left side of webmin to have it re-scan your VPS. Once the scan is done, click on 'others' section and you should see an entry for 'PHP Configuration'. Click on this, then click 'manage' on the right side of the page, then click on 'other settings'.
11. In here, we want to mark YES for 'Allow PHP scripts starting with <?'. We also want to mark NO for 'Allow opening of URLs as files?'. Go ahead and click on save.
12. Use WinSCP or another SFTP program to connect to your VPS via port 22. You want to be in /var/www/ and then create the folder yourdomain.com. Inside this folder, you would upload your index.html / index.php file, along with any other files for your site.
12b. (optional) If you created the virtual host for port 443, then we will need to upload your SSL crt & key files. Name the files www.yourdomain.com.key & www.yourdomain.com.crt.
12c. (optional) The crt file will be uploaded to /etc/pki/tls/certs/. The key file will be uploaded to /etc/pki/tls/private/.
12d. (optional) In webmin, go into the 'servers' section & click on 'apache webserver'. Then click on the virtual host you setup earlier for port 443. Now click on 'SSL options'. Put /etc/pki/tls/certs/www.yourdomain.com.crt into the Certificates keyfile line and then /etc/pki/tls/private/www.yourdomain.com.key into the private keyfile line. Uncheck SSLv2 in the upper right, mark YES for enable ssl, and click on save.
13. If you are in logged into your VPS via SSH, type service httpd start. From webmin, go into the 'Servers' section, and click on 'Apache Webserver'. In the upper-right, click on 'Start Apache'. You should be able to pull up your website at www.yourdomain.com and yourdomain.com via HTTP and HTTPS.
1 comments:
Is this legal? in TOS of host1free?
Post a Comment