VPS Setup for Hosting a Drupal 8 Website with HTTP/2 on Ubuntu 14.04
Bare Ubuntu installations on cheap VPS hosts can be rather, well, bare. Here are steps to add basic web server functionality and get Drupal working with LAMP and SSL:
Check for and install software updates:
apt-get update && apt-get upgrade
Change root password:
passwd root
Install basic packages:
apt-get install dialog nano sudo ufw ntp software-properties-common curl rsync
Install unattended upgrades:
apt-get install unattended-upgrades
dpkg-reconfigure -plow unattended-upgrades
Edit /etc/apt/apt.conf.d/50unattended-upgrades to include an email to send notifications:
nano /etc/apt/apt.conf.d/50unattended-upgrades
…to include Unattended-Upgrade::Mail “webmaster@yourdomain.com”;
Enable updates. Edit /etc/apt/apt.conf.d/10periodic to include the following:
APT::Periodic::Update-Package-Lists “1”;
APT::Periodic::Download-Upgradeable-Packages “1”;
APT::Periodic::AutocleanInterval “7”;
APT::Periodic::Unattended-Upgrade “1”;
Generate and set locale:
`
locale-gen en_US.UTF-8
apt-get install console-data`
Edit /etc/default/locale to include the following:
LANG=en_US.UTF-8
LANGUAGE=en_US.UTF-8
LC_ALL=en_US.UTF-8
LC_CTYPE=en_US.UTF-8
Configure timezone:
dpkg-reconfigure tzdata
Add an SSH user:
adduser your-new-user
Give that user sudo (root) privileges:
gpasswd -a your-new-user sudo
Copy ssh key to the new SSH user:
ssh-copy-id your-new-user@your-server-ip-address
Configure SSH:
nano /etc/ssh/sshd_config
Change PermitRootLogin yes
to PermitRootLogin no
Restart SSH:
service ssh restart
Configure UFW to allow ssh, http, https, and SMTP (outgoing email for notifications), :
ufw allow ssh
ufw allow 80/tcp
ufw allow 443/tcp
ufw allow 25/tcp
Confirm what you have added:
ufw show added
Enable UFW:
ufw enable
Install updated repositories for Apache and PHP in order to enable HTTP/2:
`add-apt-repository -y ppa:ondrej/apache2
add-apt-repository -y ppa:ondrej/php5`
apt-get update && apt-get dist-upgrade
Enable modules:
a2enmod proxy_fcgi proxy proxy_http http2 ssl expires headers rewrite
Enable HTTP/2 in the Apache config:
nano /etc/apache2/apache2.conf
and add:
# for a https server
Protocols h2 http/1.1
Install LAMP components
Apache:
apt-get install apache2
Mysql:
apt-get install mysql-server php5-mysql
Setup Mysql:
mysql_install_db
mysql_secure_installation
Install PHP:
apt-get install php5 libapache2-mod-php5 php5-mcrypt
Configure to prefer index.php:
nano /etc/apache2/mods-enabled/dir.conf
Move index.php to the front:
<IfModule mod_dir.c>
DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>
Restart Apache:
service apache2 restart
Install extensions:
apt-get install php5-curl php5-gd php5-sqlite libssh2-php
Terminate shell session and reconnect as the ssh user you created earlier. Then give that user and www-data access to /var/www/html:
sudo chown your-user:www-data /var/www/html
Make a Mysql user and database for Drupal:
mysql -u root -p
`CREATE DATABASE drupal;
CREATE USER drupaluser@localhost IDENTIFIED BY ‘password’;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,INDEX,ALTER,CREATE TEMPORARY TABLES,LOCK TABLES ON drupal.* TO drupaluser@localhost;
FLUSH PRIVILEGES;
exit`
Edit settings:
sudo nano /etc/php5/apache2/php.ini
set expose_php = Off
and allow_url_fopen = Off
Enable mod rewrite:
sudo a2enmod rewrite
Edit the virtualhosts file:
sudo nano /etc/apache2/sites-enabled/000-default.conf
Include:
<Directory /var/www/html>
AllowOverride All
</Directory>
Then sudo service apache2 restart
Install Drush: http://docs.drush.org/en/master/install/
Navigate to /var/www/html and download drupal:
drush dl drupal
Move drupal to the /var/www/html directory (there’s a period at the end):
rsync -avz drupal*/ .
Remove the downloaded Drupal directory:
rm -rf drupal*
Configure files and folder:
mkdir /var/www/html/sites/default/files
cp /var/www/html/sites/default/default.settings.php /var/www/html/sites/default/settings.php
chmod 664 /var/www/html/sites/default/settings.php
sudo chown -R :www-data /var/www/html/*
Complete Drupal installation in the browser then change settings.php permissions:
chmod 644 /var/www/html/sites/default/settings.php
PHP modules currently in use: php7.2-fpm php7.2-curl php7.2-fpm php7.2-gd php7.2-json php7.2-mbstring php7.2-mysql php7.2-opcache php7.2-readline php7.2-xml php7.2-zip