Setting Up a New Amazon EC2 Server (2017-02-25)

Create Amazon EC2 Instance
1. Login to AWS Management Console
2. Select Amazon EC2
3. Click “Instances” from the left menu
4. Click “launch Instance”

Create Elastic IPs
1. Login to AWS Management Console
2. Click “Elastic IPs” from the left menu
3. Click “Allocate New Address”
4. Select “EC2” and click “Yes, Allocate”

Assign Elastic IP to an Instance
1. Right click an IP and select “Associate”
2. Select an instance and click “Yes, Associate”

First Time Connect
1. Download PuttyGen
2. Click “Load” and select the .pem file
3. Click “Save private key”
4. Open putty
5. From the left menu, select Connection > SSH > Auth
6. Click “Browse” and select the ppk file created in step 3
7. Connect to your instance with the username “ec2-user”

Change Password

sudo passwd root

Create user

adduser myhelper
passwd myhelper

Add user to sudoers

visudo
myhelper  ALL=(ALL)       ALL

Configure sshd

vim /etc/ssh/sshd_config
PasswordAuthentication yes
AllowUsers myhelper
/etc/init.d/sshd restart

Change timezone

ln -sf /usr/share/zoneinfo/Hongkong /etc/localtime
(or use tzselect)

Install Apache, MySQL, PHP, FTP

yum install httpd24 mod24_ssl mysql-server php56 php56-mysqlnd php56-common php56-gd php56-mbstring php56-mcrypt php56-devel php56-xml vsftpd

chkconfig httpd on
chkconfig mysqld on
chkconfig vsftpd on

Create virtual host directory

mkdir -p /var/www/vhosts/myhelper.com/subdomains
mkdir -p /var/www/vhosts/myhelper.com/htdocs
mkdir -p /var/www/vhosts/myhelper.com/logs
chown -R myhelper.myhelper /var/www/vhosts/myhelper.com

Configure PHP

vim /etc/php.ini
max_input_vars = 50000

Configure Apache

vim /etc/httpd/conf/httpd.conf
KeepAlive off
Include /etc/httpd/conf/extra/httpd-vhosts.conf
<IfModule prefork.c>
StartServers            30
MinSpareServers         30
MaxSpareServers         45
ServerLimit             4000
MaxRequestWorkers       4000
MaxConnectionsPerChild  4000
</IfModule>

vim /etc/php.ini
upload_max_filesize = 5M
post_max_size = 8M
memory_limit = 256M

mkdir /etc/httpd/conf/extra
vim /etc/httpd/conf/extra/httpd-vhosts.conf
<VirtualHost *:80>
  DocumentRoot "/var/www/vhosts/my-helper/htdocs"
   ServerName my-helper.com
    ServerAlias www.my-helper.com
   <Directory "/var/www/vhosts/my-helper/htdocs">
      Options Indexes FollowSymLinks
      AllowOverride All
       Order allow,deny
        Allow from all
  </Directory>
  ErrorLog "/var/www/vhosts/my-helper/logs/error.log"
   #CustomLog "/var/www/vhosts/my-helper/logs/access.log" common
</VirtualHost>

/etc/init.d/httpd restart

Configure Vsftpd

vim /etc/vsftpd/vsftpd.conf
userlist_deny=NO
user_config_dir=/etc/vsftpd/userconfig
chroot_local_user=YES
allow_writeable_chroot=YES
port_enable=YES
pasv_enable=YES
pasv_min_port=21024
pasv_max_port=21048
pasv_address={your public ip address}
vim /etc/vsftpd/user_list
myhelper

mkdir /etc/vsftpd/userconfig
vim /etc/vsftpd/userconfig/myhelper
local_root=/var/www/vhosts/my-helper

/etc/init.d/vsftpd restart

Update sysctl.conf

vim /etc/sysctl.conf
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_tw_recycle=0
net.ipv4.tcp_fin_timeout=30
net.ipv4.tcp_max_syn_backlog=8192

sysctl -p

Update Security Group
1. Login to AWS Management Console
2. Click “Security Groups” from the left menu
3. Select your security group
4. Add TCP port 20-21, 80, 21024-21048