Jul 062013

These steps were documented when doing the basic initial setup on my new (mt) Media Temple DV Developer Server after provisioning it with Ubuntu 12.04 LTS. These steps probably also work fine for 12.10, 13.04, etc.   Comments, corrections, additions are welcome below.

Add new user account & disable root ssh access

The (mt) Ubuntu install by default enables SSH access for root, which requires you to create a new user account with ssh and sudo privileges before disabling root ssh access. If you are using a non-(mt) Ubuntu image, you might already have a user account created and can skip this section.

1. Connect as root via SSH to your server. More details here

2. Run command: sudo adduser new-user-name

For example: sudo adduser tony will create a user and group named tony. Make sure to enter a secure password when prompted.

3. Run command: sudo adduser new-user-name sudo

This adds your new account to the sudo group, whose members can execute commands as root via sudo.

4. Logout of your root session and ssh back into your server with your new account information.

5. Test running a command or two as root such as: cat /etc/sudoers (should be permission denied) vs sudo cat /etc/sudoers (should display after re-entering your password.)

6. Run the command: sudo nano /etc/ssh/sshd_config

Change the line #PermitRootLogin yes  to instead say PermitRootLogin no   (note remove leading hashtag along with changing yes to no.)  Control-O, Control-X to save and exit. This disables root ssh access.

Additional reference:
Media Temple’s KB article
Ubuntu’s article


Install Apache, PHP and MySQL

These three packages provide the basic services needed to host almost any website software: WordPress, Joomla, Mediawiki, phpBB, Magenta, etc.

Begin by installing Tasksel, which will allow you to install the rest of the packages in one easy step:

sudo apt-get update

sudo apt-get install tasksel

Next run the tasksel script that will download, install, and configure the rest of your LAMP software:

sudo tasksel install lamp-server

– Enter a password for the MySQL administrator / root account

After the packages are downloaded and installed, test each package.

Test Apache2: Browse to your domain name/IP address. If you see an “It works!” page, then Apache2 is installed correctly.

Test PHP: Create a file with sudo nano /var/www/test.php with the single line: <?php phpinfo(); ?> and then browse to http://yourdomain.com/test.php to verify PHP5 operation.

Test MySQL: If all steps have completed flawlessly to this point, let’s save time and test MySQL by installing phpmyadmin. Suggestions welcome in the comments for a quick and easy test for MySQL setup.

Additional reference:
Ubuntu community article on installing LAMP
Ubuntu community article on Taskel
Ubuntu server guide on setting up Apache2


Install phpmyadmin

1. Enter sudo apt-get install phpmyadmin to begin installation.

2. Leave apache2 selected as default, press <ENTER> to continue.

3. Select <Yes> to create a database for phpmyadmin with dbconfig-common.

4. Provide the administrative / root account password chosen in the last section to create the new database and user.

5. Provide a new password for the phpmyadmin mysql account.

Installation of phpmyadmin will complete, but some additional configuration is required.

6. Configure phpmyadmin to use a unique URL: sudo nano /etc/phpmyadmin/apache.conf

– Change Alias /phpmyadmin /usr/share/phpmyadmin to Alias /your-unique-URL /usr/share/phpmyadmin

7. Add phpmyadmin to your apache2 configuration: sudo nano /etc/apache2/apache2.conf

– At the bottom of the file, append   Include /etc/phpmyadmin/apache.conf

8. Load new Apache2 configuration by restarting the service: sudo service apache2 restart

9. Browse to phpyadmin at http://yourdomain.com/your-unique-URL

You should be able to login as “root” with the mysql root / administrator password selected when installing LAMP.

Additional reference:
Excellent article on DigitalOcean.com – includes recommended added security of password protecting with .htpasswd
Stackoverflow comment on securing phpmyadmin


Install webmin

Webmin is an easy to use, web-based GUI for most basic system administration tools.

1. Add the webmin apt sources by editing: sudo nano /etc/apt/sources.list

– Append the lines:

deb http://download.webmin.com/download/repository sarge contrib
deb http://webmin.mirror.somersettechsolutions.co.uk/repository sarge contrib

2. Install the author’s GPG key:

wget http://www.webmin.com/jcameron-key.asc
sudo mv jcameron-key.asc /root
sudo apt-key add jcameron-key.asc

3. Install webmin:

sudo apt-get update
sudo apt-get install webmin

4. Browse to your webmin at https://yourdomain.com:10000 to ensure operation. It will default to https, so OK accept your ‘unsigned’ certificate.

– Login with your sudo-enabled account

5. Change the default webmin port by browsing to Webmin -> Webmin Configuration -> Ports and Addresses

– Select a new port from 1024 to 65535

– Upon saving, you will be redirected to the new port number and will have to re-accept the security certificate.

Additional reference:
Great article on installing Webmin on Ubuntu 12.04 Nick Yeoman
Webmin Official Installation Instructions

Recommend adding additional .htpassword protection and .htaccess rule ot allow only specific IPs.