Hey there, I’m finally publishing this huge article on #CloudServer Setup. It took around 2 months to write down all these hyperlinked posts, creating and editing video tutorial, and narrating the entire guide in a simple format.
If you’re willing to learn in-and-out of Cloud Server, then please grab a coffee or something similar, cause this is going to be really long and helpful.
When I say cloud server, I literally mean the DigitalOcean Cloud Server and strongly recommend them. I’ve been with DigitalOcean for 5ish years now, and let me tell you that they-never-put-me-down.
Of course, there are a lot of other companies that can help spin up a cloud server, however, I personally feel DigitalOcean is best-in-class and scalable with great server hardware infrastructure. And, they are also known to be ‘Developers Favorite‘.
Finally, I want to Thank DigitalOcean for being amazing all these years! #ThankYouDO 🙂
Dramatic entrance, isn’t it? But frankly, I mean it!
Now let’s get started with our step by step guide —
First and foremost thing is that you need to create is DigitalOcean account. Just signup using your existing email ID and password. You also have the option to sign up with Google SSO and GitHub Login.
Bonus: If you sign up using my DigitalOcean referral, you will get a $50 credits which are valid for 30 days.
Please note that credits are only valid for new user registration.
After completing your registration and filling other details, just spin a new and latest stable Ubuntu cloud server droplet.
You can follow this comprehensive guide to Create Ubuntu Cloud Server and watch this video tutorial below.
In the article and video tutorial on creating ubuntu cloud in DigitalOcean, you will learn:
- What is DigitalOcean cloud and how reliable is service?
- How to register and get free DigitalOcean credits?
- Create a lastest Ubuntu Cloud Server droplet
After creating a Ubuntu droplet you will receive an email from DigitalOcean with first-time login information. Use the credentials to login into you SSH as well as SFTP remotely.
SSH and SFTP give you full access to your cloud server as a super administrator. You will be having a root user access which is considered as the highest privilege in any Linux based OS.
If you’re a Windows PC user, then you can use PuTTY client for SSH access. The macOS has an in-built terminal program which supports the remote connection option.
For SFTP, I prefer using FileZilla client which is available for all major operating systems including macOS and Windows OS.
You can follow this guide to learn about Login SSH and SFTP remotely in detail and watch this video tutorial for visual guidance.
In the article and video demo about SSH and SFTP login, you will learn:
- What is SSH and how to log in?
- Login into macOS and Windows
- What is SFTP?
- How to login SFTP using FileZilla?
Now that you’ve learned how to access the cloud server using SSH and SFTP, next we will start off with setting up the server for actual usage. Personally, I prefer LEMP stack (built using Nginx webserver) compared to LAMP Stack (built with Apache webserver).
Both LEMP and LAMP are used for deploying web application and programs. My personal favorite blogging software WordPress also needs either of these stacks to run smoothly.
Let’s start off with installing and configuring the LEMP stack on Ubuntu cloud server —
Installing and configuring the LEMP stack has a lot to do with SSH and SFTP clients, hence make sure that you keep these two handy. And it’s also recommended to use the latest available versions for all the LEMP (Linux, Nginx, MySQL, and PHP).
- Linux OS: The Ubuntu is Linux based operating system distribution.
- Nginx Web Server: It’s the webserver that helps in serving the online request. The web server helps in interacting with the external world.
- MySQL Database Server: It’s the RDBMS database that helps in storing and retrieving the data from the database tables.
- PHP Processor: The PHP processor helps in generating dynamic content using the MySQL data.
You can follow this detailed guide for step by step LEMP Stack installation as well as configuration. I also have the video tutorial on LEMP Stack.
In the article and video demo about LEMP Stack setup, you’ll learn:
- What is LEMP Stack and difference with LAMP?
- How to install Nginx?
- How to install MySQL database?
- How to install PHP for Processing?
- Configure Nginx for using PHP processor
Everyone needs a proper emailing system built inside the server. This emailing system helps in sending the important notification and errors in case if anything goes wrong within the server.
I recommend using the Postfix program as an SMTP relay server that works really well with Gmail. While there is a certain limitation as in sending limit, bulk emailing, etc. but for basic usage, Gmail is a good option.
If you’re a G Suite user like me, then you can also use custom domain i.e. @domain-name.com to send out emails which looks more professional. It also has higher sending limits as well as better security. You can signup G Suite account with a 20% discount coupon on annual purchase.
Just follow these detailed steps on Postfix SMTP Relay with Gmail and also watch this video tutorial for visualization.
In the video demo and article about Postfix for Cloud Server using Gmail SMTP, you’ll learn:
- What is Postfix and how to change the hostname
- How to install Postfix and configure with Gmail SMTP
- How to send a test email in Postfix
- Changing the Display Full Name in Gmail and retest sending
Everyone needs security, so d the online website and blogs. Since Google has started considering the security certificate as a search engine ranking factor, a lot of webmasters have upgraded to a secured connection.
Let’s Encrypt is one of secured connection certificate provider, and guess what? It’s absolutely free and forever. Unlike other premium SSL certificate provider who charges hefty money, LetsEncrypt provides the Secured Socket Layer certificated for free.
All you need is to install the program called as certbot that will help in getting the SSL certificate. The Certbot also help in auto-renewal for every 90 days before the expiration of Let’s Encrypt certificate.
Head over to this detailed article on how to get a free SSL certificate from Let’s Encrypt, and you can also watch the below video tutorial on certbot program.
In the article and video tutorial on LetsEncrypt Nginx SSL using Certbot, you’ll learn about:
- What is LetsEncrypt and pre-requisite for installation
- How to user install and configure Certbot for Let’s Encrypt
- Test SSL domain certificate
- Automatically renew the Let’s Encrypt certificate in Nginx
UFW is an acronym for Uncomplicated Firewall is the best firewall program built for Ubuntu cloud servers. Since most of the cloud server has only remote access, we should be very mindful about all the incoming and outgoing connection from the cloud server.
UFW makes the process quite simple using the iptables configuration for both IPv4 and IPv6 connections. Using the UFW firewall on Ubuntu, we can allow and deny connection to specific IP address as well as internal programs to connect the external world.
You can follow this guide on exact steps to install and configure the UFW on LEMP Cloud Server. Please watch this video tutorial for the exact step by step demo of configuring UFW.
In the article and video demo about UFW firewall setup, you’ll learn about:
- What is UFW and how to install in Ubuntu Cloud
- Enable support for IPv6
- Setup default policies for connection
- Allow connection for SSH/SFTP and Nginx
- How to enable and disable UFW firewall
We have already configured the SSL and also added the UFW to make our web server strong. Now let’s add some snippets that will further improve the overall security of our Nginx web server when serving the website requests.
By default, the Nginx is pre-configured to serve HTTP1 type protocol. However, we should upgrade the protocol to HTTP/2 which is faster and safer. We will tweak the Nginx configuration to serve all the request with HTTP/2 socket.
In this section, we will also adjust the security headers, make cipher stronger, block some advance hacking injection like cross-scripts, and also add the trusted certificate in Nginx file.
These entire changes will make our website and backend web server faster and secured from any infiltration. This will also improve the overall website rating in SSLLabs test report.
Follow this detailed guide to enable HTTP/2 and improve Nginx security for Cloud server. Here is the video tutorial on the same.
In the article and video guide about HTTP/2 and Nginx Security, you will learn:
- How to check the current web server protocol?
- How to enable HTTP/2 protocol support?
- Adding a Trusted Certificate in Nginx
- Adjusting Ciphers for stronger SSL certificate
- Improving overall Nginx Security
Caching techniques are often used for improving page speed. It reduces the loading time by caching the static files in the user-agents browser or sometimes at the server-side. It works quite well if you have got the users who are frequent visitors or return regularly.
Like mentioned, especially the browser cache technique is quite effective when loading the static assets of your website in a users browser. The files such as CSS, JS, images, etc. are stored in users browser storage and next time when the same user visit our site, the file is retrieved from the storage cache instead of a live server. This improves the overall loading speed and thus the user experience.
The other technique is to enable the Gzip compression which is somewhat similar to what we have on every machine – ZIP and Archive. This will compress the static files internally in the web server and served uncompressed files in the browser. This technique significantly reduces website size and load faster.
The expire headers actually helps in defining caching validity. For most the static asset which hardly gets changes, we set the expire time as maximum, maybe a year or two. Once the static files that are stored in Users browser cache surpass the valid date, then instead of serving from local storage the fresh files are served from the live web server.
Enabling the browser cache, Gzip compression, and setting the expire headers is really an important factor for site speed and impact the website ranking in Google search.
You can follow these steps mentioned to enable browser cache and add expire header in Nginx. You can also watch this video demo for visualization.
In the article and video demo about Nginx Browser Cache and Gzip compression you will learn:
- How to enable Leverage Browser Cache in Nginx
- Gzip Compression in Nginx Webserver
By this step, we have already set up the caching internally in the backend with browser cache, expire headers, and gzip compression. We will now set up the frontend cache that helps to convert the dynamic content into static pages. We can achieve this using the Nginx Caching along with PHP-FPM.
Every time the user visits a particular page for the first time, a cache of that dynamic page is created and stored in the server as a static HTML file. Next time when same or a different user visits the page, the cached static version of the page is served. This will eliminate the Nginx and PHP workload in regenerate the dynamic page at subsequent visit thus improve overall server performance.
With Nginx cache enabled, we do not require to set up any caching plugin if using WordPress or any web application that runs on a complete LEMP stack.
Follow these easy steps to enable the FastCGI Nginx Cache to improve overall speed. You can also follow the steps mentioned in this video guide.
In the extensive guide and video tutorial on Nginx FastCGI Cache, you will learn:
- How to setup FastCGI Cache configuration
- Including the FastCGI Cache rules in Nginx
- Adding FastCGI Nginx Cache path in the configuration file
- Define the FastCGI cache rules
- Restart and test Nginx FastCGI cache
- Setup and clear Nginx Cache in WordPress
If you’ve read the LEMP stack article you might already know what MySQL is all about and how it is used. MySQL Redis Object cache helps in reducing the number of SQL query hits.
If you’re frequently running a set of complex MySQL queries, the Redis object cache will store the output of the query results into the cache. This will help in reducing the MySQL server hits as well as serving the request faster.
Redis server will store all the complex SQL queries in the form of Object, hence its called as Object Caching.
If you’re using the MySQL database for your web application or even WordPress for that matter. Then I recommend using the Redis for Object Caching and improving the MySQL server performance.
Learn about installing the Redis Server and enable Redis Object Cache in detail. You can also watch this video demo for details.
In the article and video guide about Redis Object Cache, you will learn:
- How to install Redis Server
- Configure Redis Server in Cloud
- Setup Redis Object Cache for WordPress
- Monitor the Redis Object Cache in CLI
The DigitalOcean support two types of backup — Snapshot Image and Weekly Backup. Both work differently but can be used for the same backup purpose.
While there are certain advantages of using the snapshot which unlocks many other options to perform on an image. But, you need to turn off the cloud server while taking a snapshot to maintain the data consistency which is not feasible in most case.
Whereas droplet weekly backups are automated on a weekly basis and retain at least 4 back-ups in the droplet. You also have the option to convert the weekly backup into snapshot unlock additional actions.
The charges for the snapshot is basically on the total storage space used and DigitalOcean charges $0.05 per GB per month. On the other hand, the automated weekly backups are charged at 20% of the total droplet cost.
Example, 1GB RAM droplet which monthly pricing is $5 will be charged with an additional $1 if you enable the weekly backup which totals $6 a month. I think this cost is pretty nominal for maintaining and retaining the automated backups without any headache.
You can watch the video demo below to enable the weekly backup as well as learn more about the snapshot. I’ve also written a detailed article on snapshots image and weekly backup in DigitalOcean cloud.
In the article and video tutorial about DigitalOcean backup, you will learn:
- Enabling weekly droplet backup
- Power Off and take a snapshot image
- Convert DigitalOcean droplet into Snapshot image
We have done an amazing job till now with setting up a cloud server, optimizing, and securing it. Now we will move into maintenance mode where will be able to setup Ubuntu cloud server update and upgrade automatically.
We will use the CRON jobs feature to run the update, upgrade, auto-clean and auto-remove commands in SSH at a predefined time interval. We can also set up a nightly reboot of cloud server if required.
Follow simple steps that allow editing, and add the command line job in /etc/crontab file. This crontab file will perform all the commands that are mentioned at the set server time.
Learn here how to enable cloud server maintenance automation. You can watch this short and simple video tutorial to learn Ubuntu maintenance.
In the article about Ubuntu cloud maintenance automation and video tutorial you will learn:
- Ubuntu command lines for maintenance
- Automating Ubuntu using crontab file
- Scheduling the weekly reboot
If you face any issue or errors with the cloud server on the online website then most probably you’ll have logs that record the exact issue. Each program you use (MySQL, PHP, Nginx, UFW, etc.) in web server has separate error log files which are stored under the folder /var/log. There are also logs for authentication and access which are recorded for each success or failure.
These error logs are really useful to understand what went wrong at a moment. Say suppose you’re facing any issue with MySQL and receiving Error establishing a database connection, then you can look into the MySQL error log file to find the exact issue and resolve it.
Most of the issue and solutions are found online after a search, and I always prefer the solution provided either in an official forum or StackOverflow community.
There are certainly other ways that can help to tackle these error which is mentioned in detail. Check out the error log and support for cloud server article for a comprehensive guide. The following video also covers the same.
In the article and video tutorial about error logs and troubleshoot cloud server you will learn:
- How to access error log files in Ubuntu Server?
- How to get support to troubleshoot cloud server
- Using search engines
- Using support forum
- Raising the support ticket with DO
And there we are, finally to the conclusion. I hope you learned something new out of this gigantic article. If you interested in reading further then, check out:
- Install WordPress on DigitalOcean
- A Complete #WordPressBlog Setup (in progress)
Now it’s your turn to speak up —
If you've any thoughts on #CloudServer Setup: A Step-by-Step Beginners Guide to Manage a Cloud Server!, then feel free to drop in below comment box. Also, please subscribe to our restoreBin YouTube channel for amazing videos tips. Cheers!