In this article, we try to describe Configuration and Additional Recommended Steps for New CentOS 7 Servers. After buying our VPS server and getting users to access we need to minimum configuration for a new server.
Also, there are some additional steps that are highly recommended in most cases for the new CentOS 7 server.
Before we start this article, we should ensure our VPS IP and user credentials. In this article, we will be focusing on configuring some optional but recommended components setup.
You can purchase your hosting from Cloudsurph.com, Cloudsurph hosting is a reliable hosting option for business and personal projects. We offer insight and help on system configuration issues and code errors or bugs.
This will involve setting our system up by configuring Network Time Protocol synchronization, a firewall, and a swap file. Now follow the below procedure for Configuration and Additional Recommended Steps for New CentOS 7 Servers.
Getting Started
Before starting our VPS server, we need to first log in to our VPS, we can use PuTTY application to login into our VPS server.
So, open PuTTY and enter your VPS IP and click the open button, here will open a command window, enter your username and password, see attached screenshot below:
You can purchase your hosting from Cloudsurph.com, Cloudsurph hosting is a reliable hosting option for business and personal projects. We offer insight and help on system configuration issues and code errors or bugs.
Configure a Basic Firewall
Firewalls are a security for your server and provide a basic level. In this application are responsible for denying traffic to every port on our server with exceptions for ports/services we have approved.
CentOS 7 ships with a firewall called firewalld and a tool called firewall-cmd can be used to configure our firewall policies.
First, we need to install firewalld:
[root@websdevusa ~]# sudo yum install firewalld
Without dropping current connections, the firewalld service has the ability to make modifications, so we need to turn it on:
[root@websdevusa ~]# sudo systemctl start firewalld
If you have not modified the port that the SSH daemon is running on, you can enable the service by name by entering the below code: Love to Code? We’re Your Helping Partner, click here for Buy Our Service
[root@websdevusa ~]# sudo firewall-cmd --permanent --add-service=ssh
If you need to change your port then you can follow below code:
[root@websdevusa ~]# sudo firewall-cmd --permanent --remove-service=ssh [root@websdevusa ~]# sudo firewall-cmd --permanent --add-port=4444/tcp
If we running a conventional HTTP web server, then need to enable the http service:
[root@websdevusa ~]# sudo firewall-cmd --permanent --add-service=http
Also, we can run a web server with SSL/TLS enabled, see the below code
[root@websdevusa ~]# sudo firewall-cmd --permanent --add-service=https
Now we need SMTP email enabled, so we can type:
[root@websdevusa ~]# sudo firewall-cmd --permanent --add-service=smtp
If you need to check any additional services that you can enable by name, enter the below code:
[root@websdevusa ~]# sudo firewall-cmd --get-services
When you are finished, you can see the list of the exceptions that will be implemented by entering the below code: Love to Code? We’re Your Helping Partner, click here for Buy Our Service
[root@websdevusa ~]# sudo firewall-cmd --permanent --list-all
Now, if you are ready to implement the changes, reload the firewall:
[root@websdevusa ~]# sudo firewall-cmd --reload
If everything works as expected, then you should make sure the firewall will be started at boot:
[root@websdevusa ~]# sudo systemctl enable firewalld
IF you want then buy a good, reliable, secure web hosting service from here: click here
Configure Timezones and Network Time Protocol Synchronization
Our next step is to adjust the localization settings for our server and configure the Network Time Protocol (NTP) synchronization.
Configure Timezones
Firstly, our step is to set our server’s timezone. It is a very simple operation that can be accomplished using the timedatectl command:
[root@websdevusa ~]# sudo timedatectl list-timezones
We can set it to United States eastern time, so you can type:
[root@websdevusa ~]# sudo timedatectl set-timezone America/New_York
Configure NTP Synchronization
Now for NTP synchronization, we will use a service called ntp, which we can install from CentOS’s 7 default repositories:
[root@websdevusa ~]# sudo yum install ntp
After then, we need to start the service for this session and we will also enable the service so that it is automatically started each time the server boots:
[root@websdevusa ~]# sudo systemctl start ntpd [root@websdevusa ~]# sudo systemctl enable ntpd
Creating a Swap File
IF you want then buy a good, reliable, secure web hosting service from here: click here
Now, if we are adding “swap” to a Linux server allows the system to move the less frequently accessed information of a running program from RAM to a location on disk.
Allocate the space we want to use for our swap file using the fallocate utility. For example, if we need an 8 Gigabyte file, we can create a swap file located at /swapfile by typing the below command:
[root@websdevusa ~]# sudo fallocate -l 8G /swapfile
When creating the file we need to restrict access to the file so that other users cannot see what is written there:
[root@websdevusa ~]# sudo chmod 600 /swapfile
Now, we have a file with the correct permissions and to tell our system to format the file for swap, we can type the below line:
[root@websdevusa ~]# sudo mkswap /swapfile
Now, we tell the system it can use the swap file by typing the below line:
[root@websdevusa ~]# sudo swapon /swapfile
So, our system is using the swap file for this session, but we need to customize a system file so that our server will automatically boot. So, we can do this by typing the below line:
[root@websdevusa ~]# sudo sh -c 'echo "/swapfile none swap sw 0 0" >> /etc/fstab'
In this article, you should know how to configure a solid foundation for your new CentOS 7 servers. We hope, you also have a good idea for your next steps. So, feel free to explore the site for more ideas that you can implement on your own server.
That’s it. If you enjoyed reading this article and have more questions please reach out to our support team via live chat or email and we would be glad to help you. we provide server hosting for all types of need and we can even get your server up and running with the service of your choice.