Connecting to your Server
You will need a SSH-Client like Putty if you are coming from Windows. On Unix-OS like OSX and Linux you can use terminal.
After connecting to the server you will be greeted by the following screen:
If you are logged in as root, it is highly recommended that you create another account and add this account to the wheel group. To achieve this, you have to type the following on the terminal.
where <username> can be any name you would like to have for the account. For this tutorial, we are going to create the user “corefinity”.
After hitting Enter, you need to assign a password to this user, as it won’t be enabled like in Ubuntu without doing so. To achieve this, you need to type
and repeat the password twice. You now have created your first user.
Unfortunately, this user doesn’t have any root-permissions yet, but we are going to change this now
As we are still logged in as root, we are now going to add our corefinity-user to the group of wheel.
usermod -aG wheel corefinity
will achieve this. We now have a non-root account, which can install software and updates.
To switch to this user, we need to type
and to exit this user and return to root, we just need to type
and hit enter.
Precondition: Setting a hostname
To connect to webmin via URL, you need to set a hostname first and connect your domain-registrar to the machines IP, so that typing in the address of your domain will take you to the machines IP.
To set a hostname type
sudo hostname your-new-name
where your-new-name should reflect your own domain.
The first step you will need to do is updating your base image. Under our newly created corefinity-user, we need to type the following:
sudo yum update -y
and run the command by hitting enter. This will update yum’s .
Now it’s time to install apache. This can be done by typing
sudo yum install httpd -y
Yum will download the apache-package and install it.
We now need to enable apache by typing
sudo systemctl enable httpd
sudo systemctl start httpd
and after running these commands, we can see if we were successful by typing
service httpd status
Installing MySQL 5.7
Now it’s time to install MySQL 5.7. First we need to install wget to be able to add the MySQL repository
sudo yum install wget -y
Yum will download the wget-package and install it.
We now need to add the MySQL5.7 repository by typing
sudo rpm -ivh mysql57-community-release-el7-9.noarch.rpm
After this is finished, we can install MySQL5.7 with the following command:
sudo yum install mysql-server –y
After confirming the dependencies with ‘y’ and finishing the installation, we need to enable and start the MySQL-server with
sudo systemctl enable mysqld
sudo systemctl start mysqld
Securing the database
We will now use the implemented secure installer of MySQL 5.7 to harden our installation.
To get started, we have to type in
As soon as we hit enter, we will be asked for the root-password, which we got beforehand, with the command
sudo grep 'temporary password' /var/log/mysqld.log
After pasting it, we will be asked to create a new root-password. After typing it twice, we will have an output of the estimated strength of the password. If we are confident with the strength, we can skip the step for another new root password with any key except ‘y’.
The next step will be the removal of anonymous users from the database. It is common practice to remove anonymous access, unless absolutely required. To achieve this, confirm with ‘y’.
Afterwards you will be asked if remote access of the root account to the database shall be disabled and connection shall only be permitted from the local machine. As we don’t want someone to guess our root-password, we are going to confirm with ‘y’.
Up next will be the removal of the test database. As we are going to build a productive server, we won’t need it anymore and confirm this step with ‘y’ as well.
The final step of the secure installation is reloading the privilege tables. Maybe we took a break in setting things up, and something happened in the background already. With this step, all of our previous made decisions will be loaded into the database immediately.
Installing PHP and Webmin
Now we need to install the necessary php-plugins. We can do so by typing
sudo yum install php php-mysql nano –y
After all dependencies are confirmed and the the installation is finished, we need to edit the file /etc/yum.repos.d/webmin.repo
with the following command
sudo nano /etc/yum.repos.d/webmin.repo
Add the following text to the file via copy and paste:
name=Webmin Distribution Neutral
and save with ctrl-o and ctrl-x afterwards.
Now the Webmin author’s key needs to be added with
sudo wget http://www.webmin.com/jcameron-key.asc
and then be imported into yum with
sudo rpm --import jcameron-key.asc
Now we can finally install webmin with
sudo yum install webmin –y
When the installation is finished, you can connect to webmin via https://your-url:10000/ if you set a hostname. Otherwise you can use https://your-machines-IP:10000 , but have to live with a certificate error.
To log in into webmin, you can only use your root account and it’s password. If you connect via SSH and haven’t set a root-password yet, you can do so by
sudo passwd root
followed by typing in the new root password twice.
Congratulations, you can now manage your server via a comfortable web interface!