total used free shared buffers cached
Mem: 62092 59828 2264 0 12460 33004
-/+ buffers/cache: 14364 47728
Swap: 131064 0 131064
root@trial269-deb:~#
root@trial269-deb:~# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 1.1 2052 728 ? Ss 01:52 0:00 init [2]
root 2 0.0 0.0 0 0 ? S 01:52 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S 01:52 0:00 [migration/0]
root 4 0.0 0.0 0 0 ? S 01:52 0:00 [ksoftirqd/0]
root 5 0.0 0.0 0 0 ? S 01:52 0:00 [watchdog/0]
root 6 0.0 0.0 0 0 ? S 01:52 0:00 [events/0]
root 7 0.0 0.0 0 0 ? S 01:52 0:00 [cpuset]
root 8 0.0 0.0 0 0 ? S 01:52 0:00 [khelper]
root 9 0.0 0.0 0 0 ? S 01:52 0:00 [netns]
root 10 0.0 0.0 0 0 ? S 01:52 0:00 [async/mgr]
root 11 0.0 0.0 0 0 ? S 01:52 0:00 [pm]
root 12 0.0 0.0 0 0 ? S 01:52 0:00 [xenwatch]
root 13 0.0 0.0 0 0 ? S 01:52 0:00 [xenbus]
root 14 0.0 0.0 0 0 ? S 01:52 0:00 [sync_supers]
root 15 0.0 0.0 0 0 ? S 01:52 0:00 [bdi-default]
root 16 0.0 0.0 0 0 ? S 01:52 0:00 [kintegrityd/0]
root 17 0.0 0.0 0 0 ? S 01:52 0:00 [kblockd/0]
root 18 0.0 0.0 0 0 ? S 01:52 0:00 [kseriod]
root 20 0.0 0.0 0 0 ? S 01:52 0:00 [kondemand/0]
root 21 0.0 0.0 0 0 ? S 01:52 0:00 [khungtaskd]
root 22 0.0 0.0 0 0 ? S 01:52 0:00 [kswapd0]
root 23 0.0 0.0 0 0 ? SN 01:52 0:00 [ksmd]
root 24 0.0 0.0 0 0 ? S 01:52 0:00 [aio/0]
root 25 0.0 0.0 0 0 ? S 01:52 0:00 [crypto/0]
root 29 0.0 0.0 0 0 ? S 01:52 0:00 [khvcd]
root 104 0.0 0.0 0 0 ? S 01:52 0:00 [kjournald]
root 150 0.0 1.1 2268 708 ? Sroot 186 0.0 0.9 2264 612 ? S< 01:52 0:00 udevd --daemon
root 187 0.0 0.9 2264 608 ? S< 01:52 0:00 udevd --daemon
root 481 0.0 2.3 27332 1484 ? Sl 01:52 0:00 /usr/sbin/rsysl
root 530 0.0 1.2 2312 780 ? Ss 01:52 0:00 /usr/sbin/cron
102 536 0.0 0.8 2600 552 ? Ss 01:52 0:00 /usr/bin/dbus-d
root 545 0.0 1.5 5512 992 ? Ss 01:52 0:00 /usr/sbin/sshd
root 562 0.0 0.9 1724 568 hvc0 Ss+ 01:52 0:00 /sbin/getty 384
root 608 0.1 4.6 8276 2864 ? Ss 03:50 0:00 sshd: root@pts/
root 611 0.0 2.6 2984 1632 pts/0 Ss 03:50 0:00 -bash
root 615 0.0 0.0 0 0 ? S 03:50 0:00 [flush-202:2]
root 623 0.0 1.5 2368 956 pts/0 R+ 03:51 0:00 ps aux
root@trial269-deb:~#
---------
2.update dan upgrade
apt-get update && apt-get upgrade
------
root@trial269-deb:~# free
total used free shared buffers cached
Mem: 62092 58108 3984 0 3136 40752
-/+ buffers/cache: 14220 47872
Swap: 131064 1792 129272
root@trial269-deb:~#
-----------
# apt-get install ufw
root@trial269-deb:~# free
total used free shared buffers cached
Mem: 62092 54840 7252 0 3616 37352
-/+ buffers/cache: 13872 48220
Swap: 131064 1144 129920
# ufw allow www
# ufw allow ssh
# ufw default deny
# ufw enable
restart -r now
------------
nano /etc/sysctl.conf
# Avoid a smurf attack
net.ipv4.icmp_echo_ignore_broadcasts = 1
# Turn on protection for bad icmp error messages
net.ipv4.icmp_ignore_bogus_error_responses = 1
# Turn on syncookies for SYN flood attack protection
net.ipv4.tcp_syncookies = 1
# Turn on and log spoofed, source routed, and redirect packets
net.ipv4.conf.all.log_martians = 1
net.ipv4.conf.default.log_martians = 1
# No source routed packets here
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
# Turn on reverse path filtering
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# Make sure no one can alter the routing tables
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.default.secure_redirects = 0
# Don't act as a router
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
# Turn on execshild
kernel.exec-shield = 1
kernel.randomize_va_space = 1
# Tuen IPv6
net.ipv6.conf.default.router_solicitations = 0
net.ipv6.conf.default.accept_ra_rtr_pref = 0
net.ipv6.conf.default.accept_ra_pinfo = 0
net.ipv6.conf.default.accept_ra_defrtr = 0
net.ipv6.conf.default.autoconf = 0
net.ipv6.conf.default.dad_transmits = 0
net.ipv6.conf.default.max_addresses = 1
# Optimization for port usefor LBs
# Increase system file descriptor limit
fs.file-max = 65535
# Allow for more PIDs (to reduce rollover problems); may break some programs 32768
kernel.pid_max = 65536
# Increase system IP port limits
net.ipv4.ip_local_port_range = 2000 65000
# Increase TCP max buffer size setable using setsockopt()
net.ipv4.tcp_rmem = 4096 87380 8388608
net.ipv4.tcp_wmem = 4096 87380 8388608
# Increase Linux auto tuning TCP buffer limits
# min, default, and max number of bytes to use
# set max to at least 4MB, or higher if you use very high BDP paths
# Tcp Windows etc
net.core.rmem_max = 8388608
net.core.wmem_max = 8388608
net.core.netdev_max_backlog = 5000
net.ipv4.tcp_window_scaling = 1
Load the directives to memory using the following command:
# sysctl -p
---------
root@trial269-deb:~# free
total used free shared buffers cached
Mem: 62092 32884 29208 0 1772 16540
-/+ buffers/cache: 14572 47520
Swap: 131064 0 131064
--------
nano /etc/apt/sources.list
#Dotdeb repo
deb http://packages.dotdeb.org stable all
deb-src http://packages.dotdeb.org stable all
---------
Next up, import the signing key to apt as follows:
# wget http://www.dotdeb.org/dotdeb.gpg # cat dotdeb.gpg | apt-key add - |
Time to install Nginx, MySQL, PHP-FPM and other essential packages:
# apt-get install nginx-full
# apt-get install mysql-server-5.5
# apt-get install php5-fpm php5-mysql php5-apc php5-xsl php5-xmlrpc php5-sqlite php5-curl php5-gd php5-tidy
apt-get install nginx
Start nginx afterwards:
/etc/init.d/nginx start
The default nginx document root is /var/www which does not exist yet; therefore we must create it as follows:
mkdir /var/www
chown www-data:www-data /var/www
chown www-data:www-data /var/www
-----------
apt-get install mysql-server mysql-client
-------------
root@trial269-deb:~# free
total used free shared buffers cached
Mem: 62092 58496 3596 0 1368 28880
-/+ buffers/cache: 28248 33844
Swap: 131064 696 130368
-----
# cat > /etc/mysql/conf.d/lowendbox.cnf [mysqld] key_buffer = 16K max_allowed_packet = 1M table_cache = 4 sort_buffer_size = 64K read_buffer_size = 256K read_rnd_buffer_size = 256K net_buffer_length = 2K thread_stack = 64K skip-innodb^D
----------
# /etc/init.d/mysql restart
root@trial269-deb:~# free
total used free shared buffers cached
Mem: 62092 49124 12968 0 1520 30684
-/+ buffers/cache: 16920 45172
Swap: 131064 684 130380
------
apt-get install php5-cgi php5-mysql php5-curl php5-gd php5-idn php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl
-----------
root@trial269-deb:~# free
total used free shared buffers cached
Mem: 62092 54392 7700 0 5860 31208
-/+ buffers/cache: 17324 44768
Swap: 131064 1172 129892
-----------------
No comments:
Post a Comment