This is for CentOS 7 on A2server
A2 hosting was chosen because of: https://hostingfacts.com/hosting-reviews/
Disable SSH login for root (recommended): https://www.a2hosting.com/kb/getting-started-guide/accessing-your-account/disabling-ssh-logins-for-root
To make a script to delete files older than X days when there is less than XGB left, see this:
To monitor uptime for the server, use: https://uptimerobot.com/
Rclone is used to automatically backup file toGoogle Drive account:
Install: https://rclone.org/install/
Configuration for Google Drive: https://rclone.org/drive/ or https://linoxide.com/file-system/configure-rclone-linux-sync-cloud/
Usage: https://rclone.org/docs/
For Rclone filtering: https://rclone.org/filtering/
To back up the whole VPS, follow this:
This is more options: http://tamxuanla.blogspot.com/2015/10/how-to-backup-full-centos-server_22.html
Modified script as this:
First: Make sure you have the your_site.com.conf file inside /etc/httpd/conf.d. Following the following website: https://www.rosehosting.com/blog/apache-virtual-hosts-on-centos/ ; For more elaborate see: https://devops.profitbricks.com/tutorials/how-to-set-up-name-based-virtual-hosting-vhosts-with-apache-web-server-on-centos-7-1/
Optional, here is another way the step above can be set up (Note: this website set up a bit different than the one above, specifically, the above website use /etc/httpd/conf.d/ instead of /etc/httpd/sites-enabled): https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-centos-7
danielromogroup.com and other sites on this server has been set up using /etc/httpd/conf.d/site.com.conf
This is a good installation for Certbot Let’sEncrypt (ignore the multiple certificate setting): https://certbot.eff.org/#centosrhel7-apache
Using Certbot (Intro): https://certbot.eff.org/#centosrhel7-other
Rate limit for Let’sEncrypt: https://community.letsencrypt.org/t/rate-limits-for-lets-encrypt/6769
To test your SSL for your site:
To read more about SSL: https://yoast.com/dev-blog/move-website-https-ssl/
To strengthen your SSL connection:
OCSP Stapling: help with all SSL security connection a little faster:
Assinging password and require immediate pass change after log in: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/chap-Hardening_Your_System_with_Tools_and_Services.html#sec-Password_Security
We need to modify the httpd.conf
file:
In this file: after <Directory "/var/www/html">
, modify AllowOverride None
to AllowOverride Options
.
Save the file (hit Esc, type :wq
and then Enter)
Restart httpd service:
Creating Template:
DON’T FORGET TO OPEN PORT 7822 FOR SSH WHILE USING A2 SERVER
If forgot to open port 7822, follow this link: https://www.a2hosting.com/kb/getting-started-guide/accessing-your-account/using-the-solusvm-control-panel#Using-the-serial-console
Error that need to change packet size: http://stackoverflow.com/questions/8062496/how-to-change-max-allowed-packet-size
On current A2 hosting, the server config can be found in /etc/httpd/conf/httpd.conf
Setting up multiple Let’sEncrypt certificates for multiple hosts on the same server: https://www.digitalocean.com/community/tutorials/how-to-set-up-let-s-encrypt-certificates-for-multiple-apache-virtual-hosts-on-ubuntu-14-04 (this is for Ubuntu)
For CentOS, generate two #.conf files in /etc/httpd/conf.d/. For example: /etc/httpd/conf.d/site1.com.conf and /etc/httpd/conf.d/site2.com.conf. Each conf file is the apache set up for the site. Example of the content of site2.com.conf:
After that use “/usr/local/sbin/certbot --apache -d example.com -d www.example.com” . The content of site2.com.conf file will be automatically changed. Here is example of the content of site2.com.conf after running the “certbot-auto…”
Read here for more info about a set up a conf file for SSL certificate: https://www.linode.com/docs/security/ssl/ssl-certificates-with-apache-2-on-centos
Initial Install: https://www.digitalocean.com/community/tutorials/how-to-install-wordpress-on-centos-7
WP security, from A2 hosting: https://www.a2hosting.com/kb/security/application-security/wordpress-security
UpdraftPlus Plugin is used to back up WordPress. To restore Wordpress
Create a fresh install of wordpress as in the link above
Install Updraftplus plugin
Load the backup files
Restore
If there is issue after restore, check here first. A common issue is the rewrite link issue (Wordpress Permanet link), follow the solution in “Using ‘Pretty’ permalinks” in this link: https://codex.wordpress.org/Using_Permalinks
Multiple sites (using WordPress) installation: https://www.digitalocean.com/community/tutorials/how-to-set-up-multiple-wordpress-sites-using-multisite
Moving Wordpress site(s): https://codex.wordpress.org/Moving_WordPress
Uninstall Wordpress: https://www.tipsandtricks-hq.com/how-to-uninstall-and-reinstall-wordpress-245
To use 1-click update on Wordpress, you need
Wordpress folder (in this case /var/www/html/baylorcpritlab.com) to be owned by apache:apache with 755 permission
To secure Wordpress, all folders inside the baylorcpritlab.com should have 755 persmission and all files should have 644 permission
Wordpress login trouble: https://codex.wordpress.org/Login_Trouble
See here for official guide: http://www.bookedscheduler.com/help
Note: when change the info in the config.php file, make sure to change the:
Install password
User: to ‘root’
Password to ‘root_passowrd’