Featured image of post My Webserver Setup part 1
Server Administration Networking Linux Setup Web Hosting Linux Debian

My Webserver Setup part 1

Note: This post was created awhile back on another platform and I migrated to my current one.

Setting Up a Debian (Lenny) Server on Linode

Server Setup

This tutorial is a refined version of the SliceHost guide for setting up a Debian 5.0 (Lenny) server.

Why a Virtual Server?

If you need a web server without paying for a dedicated physical machine, a virtual private server (VPS) is a great alternative. After comparing different providers, I chose Linode because they offered more RAM for the price.

Server Setup Steps

1. Load Debian Lenny Image

Using Linode’s manager, load up Debian Lenny’s image and set up the root password.

2. SSH into Your Server

For Windows users, download PuTTY to connect via SSH.

Example:

1

ssh root@123.45.67.123

Basic Configurations

3. Enable Color Console

Color in the terminal helps differentiate files, directories, and commands.

  1. Navigate to the root directory: 
    1

    cd /root
  2. Edit .bashrc: 
    1

    nano .bashrc
  3. Add/uncomment the following: 
    1
2
3
4
5
6

    # Enable colorized ls
export LS_OPTIONS='--color=auto'
eval "`dircolors`"
alias ls='ls $LS_OPTIONS'
alias ll='ls $LS_OPTIONS -l'
alias l='ls $LS_OPTIONS -lA'

4. Create a New User with Root Privileges

Using root all the time isn’t safe. Create an admin user instead:

  1. Create an admin group: 
    1

    groupadd admin
  2. Edit sudoers: 
    1

    visudo
    Add the following line: 
    1
2

    ## Allows people in group admin to run all commands
admin  ALL=(ALL)       ALL
  3. Add a user to the group: 
    1
2

    adduser anthony
usermod -a -G admin anthony
  4. Switch to the new user: 
    1

    su anthony

5. Secure SSH Configuration

Edit the SSH config file:

1

sudo nano /etc/ssh/sshd_config

Modify these lines:

1
2
3
4
5

Protocol 2
PermitRootLogin no
PasswordAuthentication no
UseDNS no
AllowUsers anthony

Restart SSH for changes to take effect:

1

sudo service ssh restart

Firewall (iptables) Setup

6. Check Current Firewall Rules

1

sudo iptables -L

If no rules exist, add some:

7. Create a Firewall Rules File

1
2

sudo mkdir /root/firewall
sudo nano /root/firewall/iptables.current.rules

Add the following:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

*filter

# Allow loopback traffic and drop unwanted traffic to 127.0.0.1
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

# Accept established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow outbound traffic
-A OUTPUT -j ACCEPT

# Allow HTTP, HTTPS, and SSH
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT

# Allow ping
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT

# Log denied packets
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

# Reject all other inbound traffic
-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT

8. Apply the Firewall Rules

1

sudo /sbin/iptables-restore < /root/firewall/iptables.current.rules

Check the applied rules:

1

sudo iptables -L

9. Persist Firewall Rules After Reboot

Create a script:

1

sudo nano /etc/network/if-pre-up.d/iptables

Add:

1
2

#!/bin/sh
/sbin/iptables-restore < /root/firewall/iptables.current.rules

Make it executable:

1

chmod +x /etc/network/if-pre-up.d/iptables

To back up current rules:

1

sudo iptables-save -c > iptables-backup.txt

Other Configurations

10. Set Server Timezone

1

sudo dpkg-reconfigure tzdata

Follow the on-screen menu.

11. Set Server Locale

1

sudo dpkg-reconfigure locales

Select en_US.UTF-8 UTF-8 or another preferred locale.

Domain Name Setup

I registered my domain with GoDaddy. During setup, I provided these Linode name servers:

1
2
3
4
5

ns1.linode.com
ns2.linode.com
ns3.linode.com
...
ns6.linode.com

Conclusion

This guide helps you set up a Debian (Lenny) server on Linode securely, including SSH hardening, user management, and firewall setup. You can now proceed with hosting your applications.

© 2009 - 2025 Anthony Quoc Anh Doan - Ramblings of a Happy Scientist

Desiderata by Max Ehrmann

Go placidly amid the noise and the haste, and remember what peace there may be in silence. As far as possible without surrender be on good terms with all persons. Speak your truth quietly and clearly; and listen to others, even to the dull and the ignorant, they too have their story. Avoid loud and aggressive persons, they are vexations to the spirit.

If you compare yourself with others, you may become vain or bitter; for always there will be greater and lesser persons than yourself. Enjoy your achievements as well as your plans. Keep interested in your own career, however humble; it is a real possession in the changing fortunes of time.

Exercise caution in your business affairs, for the world is full of trickery. But let not this blind you to what virtue there is; many persons strive for high ideals, and everywhere life is full of heroism. Be yourself. Especially do not feign affection. Neither be cynical about love; for in the face of all aridity and disenchantment it is as perennial as the grass. Take kindly the counsel of the years, gracefully surrendering the things of youth.

Nurture strength of spirit to shield you in sudden misfortune. But do not distress yourself with dark imaginings. Many fears are born of fatigue and loneliness. Beyond a wholesome discipline, be gentle with yourself. You are a child of the universe, no less than the trees and the stars; you have a right to be here. And whether or not it is clear to you, no doubt the universe is unfolding as it should.

Therefore, be at peace with God, whatever you conceive Him to be. And whatever your labors and aspirations in the noisy confusion of life, keep peace in your soul. With all its sham, drudgery and broken dreams; it is still a beautiful world. Be cheerful.

Strive to be happy.

Built with Hugo
Theme Stack designed by Jimmy