We recommend that you start with a $4/month Droplet and install a LEMP stack (Ubuntu 20.04, nginx, MariaDB, and PHP 8.0). If you prefer you may install Apache instead, but nginx offers superior performance and requires less configuration.
When you go to create your Droplet, DigitalOcean will ask you some initial configuration questions. Choose Ubuntu 22.04 as your distribution, and select a datacenter that is nearest to you and your customers. Do NOT set up SSH keys at this time - if you do, DigitalOcean won't email you a root user password. We will set up SSH later, after we've logged in with a password first.
From here, you can follow DigitalOcean's tutorials to set up your server:
First, follow this tutorial.
Some notes:
authorized_keys
file on your Droplet.www-data
group, which is the group to which your webserver belongs. That way, you can set the group owner of your UserFrosting application files to www-data
, and both your account and the webserver account will have ownership. To do this, do sudo usermod -a -G www-data alex
, replacing alex
with your user account name.ufw
firewall only have you open up the ssh
port by default. Obviously for a web server, you will also need to open up ports 80 or http
and/or 443 or https
. See this guide for help opening up additional ports. DigitalOcean also provides a cloud firewall which can be set up through the dashboard, rather than the commandline.PermitRootLogin
to no
in your /etc/ssh/sshd_config
file.See this guide from DigitalOcean.
nano
command-line editor to convert tabs to spacesBecause spaces rule.
nano ~/.nanorc
Add the following:
set tabsize 4
set tabstospaces
Save and exit (Ctrl-X).
You'll probably want to do this same thing in the root .nanorc
file, for when you are editing files as the root user:
sudo nano /root/.nanorc
Follow this tutorial. Swap space is a part of virtual memory, which allows your server to temporarily move data to the hard drive when there is not enough physical memory available for whatever it is doing. This is essentially the same thing as the pagefile.sys
in a Windows environment.
Some notes:
See this guide.
Some notes:
gzip
module (which is important for site speed and SEO!), may require some additional configuration. See this guide.Install gd and curl:
sudo apt-get install php8.0-gd
sudo apt-get install php-curl
sudo service nginx restart
browscap.ini
PHP's get_browser()
function uses the User-Agent
header to guess information about your visitors such as browser, OS, etc. For it to work properly, you need to download a copy of browscap.ini
from the Browscap Project and configure your php.ini
to find the file.
Assuming that your PHP installation is in /etc/php/8.0
, do the following:
cd /etc/php/8.0/fpm
sudo mkdir extra
sudo curl -o /etc/php/8.0/fpm/extra/browscap.ini https://browscap.org/stream?q=Lite_PHP_BrowsCapINI
This will download the "lite" browscap database, which is supposed to be adequate for most websites. Visit Browscap Project for other options.
Now, we need to edit our php.ini
to tell PHP where this file is located:
sudo nano /etc/php/8.0/fpm/php.ini
Use Ctrl+W to search for the browscap
section. Uncomment the browscap =
line. When you're done, it should look like this:
[browscap]
; http://php.net/browscap
browscap = extra/browscap.ini
Save and exit.
On Ubuntu, the node
package has been changed to nodejs
to avoid a naming collision with another package called node
. Unfortunately, this breaks npm
, which is expecting the node
command to refer to Node.js. To fix this, install the compatibility package:
sudo apt-get install nodejs-legacy
See the certbot tutorial.
Some notes:
certbot
client for now.See this DigitalOcean tutorial.
Notes:
mcrypt
in PHP 8:sudo phpenmod mcrypt
sudo service php8.0-fpm restart
To disable root login and restrict access to specific users:
cd /etc/phpmyadmin
sudo nano config.inc.php
Find the lines that say:
/**
* Server(s) configuration
*/
$i = 0;
// The $cfg['Servers'] array starts with $cfg['Servers'][1]. Do not use $cfg['Servers'][0].
// You can disable a server config entry by setting host to ''.
$i++;
Below this add:
$cfg['Servers'][$i]['AllowDeny']['order'] = 'explicit';
$cfg['Servers'][$i]['AllowDeny']['rules'] = [
'allow alex from all'
];
This will allow only alex
to log in via phpMyAdmin.