This guide will help you buy a new domain and SSL certificate from NameCheap, a self-managed Ubuntu 16.04 Server from Digital Ocean and configuring it with NGINX Web server, SSL etc.
These pages are under construction (80% complete, issues combining the certificates near the end).
Ok, lets get into it.
1. How to buy a new website domain from namecheap.com
1.2 Search for your domain (don’t forget to click show more to see other domain extension types).
1.3 Select the domain you want.
1.4 I am going to opt into a free year of Free WhoisGuard – (WhoisGuard is a service that allows customers to keep their domain contact details hidden from spammers, marketing firms and online fraudsters. When purchased, the WhoisGuard subscription is permanently assigned to a domain and stays attached to it as long as the fee is paid).
1.5 I will also opt-in into the discounted PositiveSSL for $2.74 (bargain) (fyi: name cheap ssl types).
1.6 Check the name cheap coupons page and apply this months coupon for 10% off.
1.7 Confirmed the order for $11.05 USD.
1.8 Congratulations you have just ordered a domain and SSL certificate.
2. Create a http://www.c9.io account
This will give you a nice UI to manager your unmanaged server.
2.1 Upgrade from the free account to the “Micro $9.00 / monthly” at https://c9.io/account/billing (this will allow you to use the c9.io IDE to connect to as many ubuntu VM’s as you wish).
3. Buy the hosting (droplet) from digital ocean
3.1 Goto https://wwww.digitalocean.com and create and account and login.
Note: If you are adding an additional server (droplet) to an digital ocean account and you want the droplets to talk to each other make sure your existing servers have a private network setup.
3.2 Click Create Droplet
3.3 Enter a server name: e.g “yourdomainserver”
3.4 Select a Server Size (this can be upgraded later), Digital Ocean recommend a server with at least 30GB for a WordPress install (but you can upgrade later).
3.5 Select an Image (you can stick with a plain ubuntu image) but it may save you time to install an image with the LAMP stack already on it.
LAMP stack is a popular open source web platform commonly used to run dynamic web sites and servers. It includes Linux, Apache, MySQL, and PHP/Python/Perl and is considered by many the platform of choice for development of high performance web applications which require a solid and reliable foundation. I will select LAMP.
3.6 Tick “private networking” if you think you may add more servers later (growing business)?
3.7 Paste in your SSH key from your c9.io account at https://c9.io/account/ssh (this is important, don’t skip this).
3.8 Click Create Droplet
3.9 Congratulations you have just created an Ubuntu VM in the cloud.
3.10 If you type your droplets IP into a web browser it should load your pages from your web server.
3.11 You can view your ubuntu droplet details in the digital ocean portal. You may need to reboot the server, make snapshots (backups) of reset passwords here.
3.12 You will need to change your droplets root password that was emailed to you from digital ocean. You can change your password by using the VNC window in the digital ocean portal https://cloud.digitalocean.com/droplets/ -> Access -> Console Access). If you had no luck changing you password with the VNC method you may use your Mac terminal and type: ssh email@example.com (where xx is your droplets IP) – then type yes, enter your password from the digital ocean email and change the password to a new/strong password (and write it down).
3.13 Now we will need to install the distro stable nodejs (for c9.io IDE) into the droplet by typing “sudo apt-get update” then “sudo apt-get install nodejs“.
4. Now we can link the digital ocean ubuntu server to the http://www.c9.io IDE.
4.1 Login to your c9.io account.
4.2 Click Create a new wordspace.
4.3 Enter a Workspace name and description.
4.4 Click Remote SSH Workspace
4.5 Enter “root” as the username
4.6 Type in your new servers IP (obtained from viewing your droplet at digital ocean https://cloud.digitalocean.com/droplets ).
4.6 Set the initial path as: ./
4.7 Set the NodeJS path as: /user/bin/nodejs
4.7 Ensure your SSH key is the same one you entered ito the droplet.
4.8 Click Create Workspace.
Troubleshooting: If you workspace cannot login you may need to SSH back into your droplet (via Digital ocean VNC or telnet SSH and paste your c9.io SSH key into the ~/authorized_keys file and save it). I used the command “sudo nano ~/.ssh/authorized_keys”, pasted in my c9.io SSH key then pressed CTRL+0 then ENTER then CRRL+X
4.9 If all goes well you will see c9.io now has a workspace shortcut for you to launch your website.
4.10 You will be able to connect to your droplet from c9.io and edit files or upload files (without the hassle of using SFTP and CPanel).
5. No we will link the domain name to the IP based droplet.
5.1 Login to your name cheap account.
5.2 Click “Account” then “Domain List” then “Manage” (next to the new domain) then click “Advanced DNS”
5.3 Click “Edit” next to “Domain Nameserver Type” then choose “Custom“.
5.4 Add the following three name servers “http://ns1.digitalocean.com“, “http://ns2.digitalocean.com” and “http://ns3.digitalocean.com” and click “Save Changes“.
5.5 Login to https://cloud.digitalocean.com/domains and select your droplet and type your domain name (e.g “yourdomain.com”) into the domain box and select your droplet
5.6 Configure the following DNS A Name records “@”-“XXX.XXX.XXX.XXX” where XXX is our server name and CName Records “www”-“www.yourdomain.com.” and “*”-“www.yourdomain.com.”
It can take from 24-48 hours for DNS to replicate around the world so I would suggest you goto bed at this stage: You can use https://www.whatsmydns.net/#A/yourdomain.com
5.7 But if you are impatient check out the DNS replication around the world using this link: https://www.whatsmydns.net
fyi: The full name cheap DNS guide is here.
fyi: The Digital Ocean DNS guide is located here
6. Login to the Namecheap server
6.1 Open your c9.io workspace to your domain
6.2 Click the Windows then New Terminal menu
6.3 Type: cd ~/.ssh/
6.4 openssl req -newkey rsa:2048 -nodes -keyout weatherpanorama_link.key -out weather_panorama_link.csr
6.2 Type the following to generate CSR files (my server is “weatherpanorama.link”, replace this with your server name ).
root@weatherpanoramalink:~# cd ~/.ssh
root@weatherpanoramalink:~/.ssh# <strong>openssl req -newkey rsa:2048 -nodes -keyout weatherpanorama_link.key -out weather_panorama_link.csr</strong>
Generating a 2048 bit RSA private key
writing new private key to 'weatherpanorama_link.key'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:AU
State or Province Name (full name) [Some-State]:New South Wales
Locality Name (eg, city) :Tamworth
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Fearby.com
Organizational Unit Name (eg, section) :Developer
Common Name (e.g. server FQDN or YOUR name) :weatherpanorama.link
Email Address :firstname.lastname@example.org
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password :****************
string is too long, it needs to be less than 20 bytes long
A challenge password :***************
An optional company name :Simon Fearby
root@weatherpanoramalink:~/.ssh# ls -al
drwx------ 2 root root 4096 Oct 17 10:20 .
drwx------ 7 root root 4096 Oct 17 10:17 ..
-rw------- 1 root root 399 Oct 17 08:06 authorized_keys
-rw-r--r-- 1 root root 1175 Oct 17 10:20 weather_panorama_link.csr
-rw-r--r-- 1 root root 1704 Oct 17 10:20 weatherpanorama_link.key
6.3 Using the folder structure in c9.io browser to /root/.ssh/ and open the text file “weather_panorama_link.csr” and copy the file contents.
6.4 In a seperate windows goto https://ap.www.namecheap.com/ProductList/SslCertificates paste in the “” file contents and click Submit
6.5 Verify your details and click next
6.6 Next you will need to verify your domain by downloading and uploading a file to your server. Under “DCV Method” select “HTTP” and follow the prompts at name cheap to download the file.
6.7 Complete the Form (company contacts and click next).
6.8 Go to Certificate Details page to download the validation file. Or you can wait for the email with zip file attached.
fyi: the support forums for this certificate are https://support.comodo.com (but the site is rubbish, most pages load empty (e.g this one)).
6.9 Under “DCV Methods in Use” click ‘Edit Methods” then “Download File”
6.10 Using the c9.io interface upload the file to the /var/www/html folder (drag and drop)
6.11 Wait 1/2 hour and then go back to your name cheap dashboard and see if the certificate has been verified (it may take longer than that).
6.12 After a while a certificate will be issued, Unser See Details click Download Certificate.
6.13 Upload the certificate files (“weatherpanorama_link.ca-bundle”,”weatherpanorama_link.crt” and “weatherpanorama_link.p7b” ) files using the c9.io IDE to /root/.ssh/
6.14 Add this “ServerName localhost” to “/etcapache2/apache2.conf”.
6.16 In a c9.io terminal run this command “sudo nano /etc/hosts” and add this line “127.0.0.1 weatherpanorama.link”
16.17 Run this command in a c9.io terminal ‘sudo a2enmod ssl”
THIS PART NEEDS FINISHING SOON.
fyi: Comodo support forums: https://support.comodo.com/index.php?/Default/Knowledgebase/List/Index/1
fyi: Comodo apache certificate installation instructions: https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/637/37/certificate-installation-apache–mod_ssl
Don’t forget to cache content to optimise your Web server
Having a server introduces risks, do check your website often in https://www.shodan.io and see if it has open software or is known to hackers.
todo: SSL https://www.namecheap.com/support/knowledgebase/article.aspx/794/67/how-to-activate-ssl-certificate
Easily deploy an SSD cloud server on @DigitalOcean in 55 seconds. Sign up using my link and receive $10 in credit: https://wwww.digitalocean.com