I am not the biggest fan of sys admin kind of tasks – I really just want an environment that works so that I can get to work. So when it came to installing a fresh version of Django, I started looking around for easier ways to do it. Enter Linode.
Linode are a VPS (Virtual Private Server) provider who have a one-click install of Django. The point of this article isn’t to sell their product to you – it’s to highlight that a one-click install doesn’t actually mean one click: there is still a whole bunch to do.
Making things secure
So first off, as I say, you just launch your one-click install of Django on Linode. After that we need to secure the server a little bit. The first thing is sudo apt install ufw, which installs the firewall. Once it’s done, you can run sudo ufw allow www; sudo ufw allow https; sudo ufw allow ssh and sudo ufw allow 8000. This adds all of the rules you need to allow web traffic and SSH traffic to your instance. Now, simply run sudo ufw enable and at this point your firewall is enabled, with the rules you just set applied.
Next, we need to prevent the root user from being able to log in – because there are plenty of scripts out there that systematically try to break the root user’s password on internet-facing servers to see if they can get any valuable information from them. Of course, using an SSH key would somewhat negate this issue, but if you’re using a password, we should really stop root from logging in.
The first step is to create a new user with superuser privileges, so in this case I will create a user called kodey: adduser kodey. Now we can add the user to the sudo group with usermod -aG sudo kodey. Finally, we can check that the user now exists in that group with getent group sudo.
Once you have tested that you can SSH as the new user and you can sudo su as root, you need to vi /etc/ssh/sshd_config and change the line PermitRootLogin yes to no. Once you restart the server you should find that root login permission is denied.
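The two checks this section relies on (the new user really is in the sudo group, and PermitRootLogin really is no) can be scripted. The following is an added example, not part of the original article; the function names are hypothetical and the sample config and group lines are constructed.

```shell
#!/bin/sh
# Added example: audit helpers for the hardening steps above.

# Print the PermitRootLogin value sshd would take from FILE, or "unset".
# sshd keeps the first value it reads for a keyword, ignores comments,
# and accepts "Keyword value" or "Keyword=value". Include files and
# Match blocks are not followed here (assumption: single global file).
effective_permit_root_login() {
    awk -F'[ \t=]+' '
        { sub(/^[ \t]+/, "") }          # drop leading whitespace
        /^#/ || /^$/ { next }           # skip comments and blank lines
        tolower($1) == "match" { exit } # global section ends here
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# Succeed only if USER is an exact member in a `getent group` line
# such as "sudo:x:27:kodey,deploy" (no substring matches).
group_line_has_user() {
    members=${1##*:}
    case ",$members," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeed only when FILE sets PermitRootLogin to "no" and USER is
# listed in GROUP_LINE, so root access via sudo is still available.
hardening_ok() {
    [ "$(effective_permit_root_login "$1")" = "no" ] &&
        group_line_has_user "$2" "$3"
}

# Constructed sample: the commented default must not count, and the
# first live line wins over the later one.
sample=$(mktemp)
printf '%s\n' '#PermitRootLogin yes' 'PermitRootLogin no' \
    'PermitRootLogin yes' > "$sample"
echo "PermitRootLogin: $(effective_permit_root_login "$sample")"
group_line_has_user 'sudo:x:27:kodey' kodey && echo "kodey is in sudo"
rm -f "$sample"
```

On the server itself, sudo sshd -T prints the configuration sshd actually uses, including any files pulled in by Include, so it is the authoritative check after editing /etc/ssh/sshd_config.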
Django Setup
On your server you can head to /var/www and you should see that there is a Django project created for you. This is the basic Django framework; you will need to create the app you want to launch by typing python3 manage.py startapp kodey within the project root (where kodey is the name of your app).
Now by this point you’ll be able to access your site at your_ip:8000 and you can access the admin dashboard at your_ip:8000/admin.