It is not very difficult to run your own Virtual Private Server in the cloud. Amazon's AWS provides with its Amazon Lightsail an entry level offering as a good starting point to run your own server. This article covers the basics about running your own virtual private server in the cloud with Amazon Lightsail.
This article covers some fundamentals to create your own cloud instance with AWS Lightsail, but be aware, that this is not a guide for absolute beginners. Be prepared that I may have skipped some details that felt being obvious to me and that you will come across problems I did not have and that you may need to solve on your own. You will need some basic Linux skills about navigating through the file system, editing files, watching log files, install packages (apt) and having basic understanding of DNS and SQL. If that's something you've got and want to invest some time, you are probably good to go.
The Virtual Private Server (VPS) we are going to install in the cloud is a Linux based server with Ubuntu. There are several cloud providers on the market and you can choose the one that fits best to your demands. This project builds on the Virtual Private Server by the AWS (Amazon Web Services) entry level offering called Amazon Lightsail (in case you are using a different provider, you can compare with their instructions about creating an instance on Ubuntu Linux) and some additional steps for set up (these are mainly cloud provider independent):
Start here with step 1: What is Amazon Lightsail?
Step 2: Create a Virtual Private Server on Amazon AWS Lightsail
As soon as your cloud server instance has been created, it is available on the internet worldwide through its IP addressed. Hence, you can can expect that it will be under attack almost immediately. I remember that with one of my previous installation it took not more than 12 minutes, but it can even be faster that you are having visitors at your door step trying to get in.
You can use the Connect using SSH from the Connect tab from the Lightsail console and check the auth.log:
nano /var/log/auth.log and you can scroll through the log and look for suspicious entries:
A newly created cloud instance is normally based on a blueprint or template and this does probably not include the latest version of all programs and applications. Don't wait long and make an update of your Ubuntu Linux instance immediately to get the latest version having all bug and security fixes. You will find what to do under step 3:
Step 3: Update the Ubuntu Packages to the Latest Version
Step 4: Access to Your Lightsail Cloud Instance with PuTTY and WinSCP
Step 5: Setting the Internal Host Name of the Instance under Ubuntu Linux
Step 6: Create & Activate SWAP File on Ubuntu Linux
Now you may want to install the tool Midnight Commander tool for file management. It's a valuable tool for the system administrator:
Step 7: Midnight Commander File Manager
As the next step, you may want to link your domain to the new virtual private server in the cloud:
Step 8: Attach a Domain Name to the Static IP Address
As soon as your server is connected to the internet you can assume that it is under attack from somebody. Make sure that your firewall is configured and does not open anything which is not needed. Always ensure that your system is updated to its latest version.
As an additional measure, you can install Fail2Ban on your Linux server. Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks. It checks the log files for specific patterns and bans IP addresses temporarily.
Step 9: Install intrusion prevention with Fail2Ban
Congratulations! Now you are running your own basic virtual private server in the cloud!
This is now the foundation for additional services and projects.