Creating_my_site

Posted on Apr 9, 2025

Resources

https://landchad.net/

Getting a Domain

Bought a .xyz domain from namecheap

sideisec.xyz

Getting a hosting provider

I first searched through Vultr (link here) offerings, but after having trouble verifying my payment information, I chose to go with Digital Ocean (link here). Based on my research they were the most user friendly, and had a $4 a month offering (1 vCPU, 0.5GB ram, and 10GB disk, free IPv4 & IPv6 address)

Connecting domain with the VPS

DNS Configuration

And after a minute or so the changes were reflected using the host command Host Command

Setting up NginX webserver

ssh sideisec.xyz

Then ran the basic update commands

apt update
apt upgrade

now install nginx

add info on the directories and links created

Wasn’t sure what /etc directory was, so I looked it up and found this website. “The /etc directory contains the core configuration files of the system, use primarily by the administrator and services, such as the password file and networking files.” Why is the link for sites-enabled going in the /etc and not /var? Should research this

Now that I have made the simple index.html file, I can reload nginx via systemctl and check to see if it worked.

Uncheck # server_tokens off to prevent nginx version number from being show on error pages. this is a good cybersecurity practice to keep attackers from targetting known vulnerabilities in certain versions of nginx.

Getting HTTP working

apt install python3-certbot-nginx

understanding certbot

https://eff-certbot.readthedocs.io/en/stable/what.html

looked up what a digital signature is https://www.geeksforgeeks.org/digital-signatures-certificates/, because I thought I remembered it being when someone encrypts a message with their private key, then the receiver decrypts with the senders public key. I was mostly correct. Then I searched the meaning of message digest https://www.geeksforgeeks.org/message-digest-in-information-security/ Ok I understand now. A message with some information is ran through a has function, creating a digest. Then, the message digest and the original message are encrypted with the sender’s private key, and sent. The receiver decrypts with the public key (proving the authenticity of the sender, since they are the only person who should have access to the private key). The message is then run through the same hash function, and the digests are compared. If the are the same, than the integrity of the message has been verified, and messages from this user with this keypair have not been tampered with in transit.

Certbot Setup

used this command to set up the cronjob to automatically renew the cert so I don’t have to!

0 0 1 * * certbot --nginx renew

research this more later https://landchad.net/cron

and now we are done! I can install some services now.

Website Successfully Up