VPS Setup for Hosting a Drupal 8 Website with HTTP/2 on Ubuntu 14.04

Bare Ubuntu installations on cheap VPS hosts can be rather, well, bare. Here are steps to add basic web server functionality and get Drupal working with LAMP and SSL:

Check for and install software updates:

apt-get update && apt-get upgrade

Change root password:

passwd root

Install basic packages:

apt-get install dialog nano sudo ufw ntp software-properties-common curl rsync

Install unattended upgrades:

apt-get install unattended-upgrades

dpkg-reconfigure -plow unattended-upgrades

Edit /etc/apt/apt.conf.d/50unattended-upgrades to include an email to send notifications:

nano /etc/apt/apt.conf.d/50unattended-upgrades

…to include Unattended-Upgrade::Mail “webmaster@yourdomain.com”;

Enable updates. Edit /etc/apt/apt.conf.d/10periodic to include the following:

APT::Periodic::Update-Package-Lists “1”;
APT::Periodic::Download-Upgradeable-Packages “1”;
APT::Periodic::AutocleanInterval “7”;
APT::Periodic::Unattended-Upgrade “1”;

Generate and set locale:

locale-gen en_US.UTF-8 ` apt-get install console-data`

Edit /etc/default/locale to include the following:

LANG=en_US.UTF-8
LANGUAGE=en_US.UTF-8
LC_ALL=en_US.UTF-8
LC_CTYPE=en_US.UTF-8

Configure timezone:

dpkg-reconfigure tzdata Add an SSH user:

adduser your-new-user

Give that user sudo (root) privileges:

gpasswd -a your-new-user sudo

Copy ssh key to the new SSH user:

ssh-copy-id your-new-user@your-server-ip-address

Configure SSH:

nano /etc/ssh/sshd_config

Change PermitRootLogin yes to PermitRootLogin no

Restart SSH:

service ssh restart

Configure UFW to allow ssh, http, https, and SMTP (outgoing email for notifications), :

ufw allow ssh

ufw allow 80/tcp

ufw allow 443/tcp

ufw allow 25/tcp

Confirm what you have added:

ufw show added

Enable UFW:

ufw enable

Install updated repositories for Apache and PHP in order to enable HTTP/2:

`add-apt-repository -y ppa:ondrej/apache2

add-apt-repository -y ppa:ondrej/php5`

apt-get update && apt-get dist-upgrade

Enable modules:

a2enmod proxy_fcgi proxy proxy_http http2 ssl expires headers rewrite

Enable HTTP/2 in the Apache config:

nano /etc/apache2/apache2.conf

and add:

# for a https server Protocols h2 http/1.1

Install LAMP components

Apache:

apt-get install apache2

Mysql:

apt-get install mysql-server php5-mysql

Setup Mysql:

mysql_install_db

mysql_secure_installation

Install PHP:

apt-get install php5 libapache2-mod-php5 php5-mcrypt

Configure to prefer index.php:

nano /etc/apache2/mods-enabled/dir.conf

Move index.php to the front:

<IfModule mod_dir.c>
    DirectoryIndex index.php index.html index.cgi index.pl index.xhtml index.htm
</IfModule>

Restart Apache:

service apache2 restart

Install extensions:

apt-get install php5-curl php5-gd php5-sqlite libssh2-php

Terminate shell session and reconnect as the ssh user you created earlier. Then give that user and www-data access to /var/www/html:

sudo chown your-user:www-data /var/www/html

Make a Mysql user and database for Drupal:

mysql -u root -p

`CREATE DATABASE drupal;

CREATE USER drupaluser@localhost IDENTIFIED BY ‘password’;

GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,INDEX,ALTER,CREATE TEMPORARY TABLES,LOCK TABLES ON drupal.* TO drupaluser@localhost;

FLUSH PRIVILEGES;

exit`

Edit settings:

sudo nano /etc/php5/apache2/php.ini

set expose_php = Off and allow_url_fopen = Off

Enable mod rewrite:

sudo a2enmod rewrite

Edit the virtualhosts file:

sudo nano /etc/apache2/sites-enabled/000-default.conf

Include:

 <Directory /var/www/html>
        AllowOverride All
    </Directory>

Then sudo service apache2 restart

Install Drush: http://docs.drush.org/en/master/install/

Navigate to /var/www/html and download drupal:

drush dl drupal

Move drupal to the /var/www/html directory (there’s a period at the end):

rsync -avz drupal*/ .

Remove the downloaded Drupal directory:

rm -rf drupal*

Configure files and folder:

mkdir /var/www/html/sites/default/files

cp /var/www/html/sites/default/default.settings.php /var/www/html/sites/default/settings.php

chmod 664 /var/www/html/sites/default/settings.php

sudo chown -R :www-data /var/www/html/*

Complete Drupal installation in the browser then change settings.php permissions:

chmod 644 /var/www/html/sites/default/settings.php

PHP modules currently in use: php7.2-fpm php7.2-curl php7.2-fpm php7.2-gd php7.2-json php7.2-mbstring php7.2-mysql php7.2-opcache php7.2-readline php7.2-xml php7.2-zip