By Alexandru Andrei, Alibaba Cloud Community Blog author.
You may have seen websites where visitors can post advertisements for items or even services they want sell, buy, exchange, or just happen to be looking for. For those in America, think Craigslist or Facebook groups nowadays. Often, things posted on these websites include anything from used cars or computers to even something like short-term jobs. These are called classified ads, or classifieds for short. You can create your own classified ads website with the free classifieds script Osclass.
Launch a new ECS instance. The Compute Type c5 (ecs.c5.large) with 2 vCPUs and 4 GiB of RAM should be able to handle low to medium-traffic websites without issues.
Select the latest version of Debian as the operating system image.
For low-traffic websites, you can use Ultra Disk for storage. For medium to high traffic, use SSD Cloud Disk. An SSD is better at serving multiple visitors at the same time. Simply put, if one visitor asks for one page, a hard-disk and an SSD might retrieve the content in the same amount of time. But if 10 visitors ask for 10 different pages, at the same time, the hard-disk has trouble retrieving data from 10 different locations and will take a fairly long time to respond. An SSD though, has no trouble retrieving data from multiple locations, quickly.
You can estimate the storage space you will need, this way: if every day your visitors add 100 images on average, that occupy 100 kilobytes, each, you would need 100100365/1000, approximately 3650 megabytes (3.65 gigabytes) of storage per year, plus size of the database. If you want to make it easier to expand the disk later on, you could, besides the system disk, attach an additional data disk to your instance and then reconfigure MariaDB and Apache to store the database and web files on that disk. You can also use LVM or ZFS, to be able to expand your storage pool, live (without having to shutdown or reboot the instance).
In the next instance configuration step, move the bandwidth slider to its maximum value.
After you create the instance, you will be redirected to your ECS console. Click on the newly created instance ID code or on Manage.
Next, click on Security Groups, in the left side menu.
Click on Add Rules (right side of the screen).
On this page, in the top-right corner, click on Quick Rule Creation.
Select HTTP (80) and HTTPS (443). In the Authorization Objects field, enter 0.0.0.0/0
. Under Description, you can enter Web Server. The final result should look like in the following image.
Click OK to finish adding the firewall rule that will allow traffic on port 80 and 443, so that visitors can connect to your website.
Go back to your ECS Console > Instances, so that you can find the (Internet) IP address of your server. You will need to set the proper DNS records, so that when visitors type the name of your website (such as example.com
) in their browser, they will be directed to your ECS instance.
If you don't yet have a domain name, you can register one at Alibaba Cloud. If your domain name is currently registered at another provider, you can follow the same steps presented here, but might need to adapt them to your registrar's control panel and standards they follow. Add two "A records" to direct yourdomainname.com
and www.yourdomainname.com
to the public IP address of your instance.
If you have registered your domain with Alibaba Cloud, go to the DNS Console and click on your domain name or Configure.
In the top-right corner, you will see a button labeled Add Record.
After you click that button, enter these details (add a so-called "A record"):
example.com
"In the following picture, you can see an example of how these fields can be entered.
Now, repeat the same steps, enter the same values, except, in the Host field, enter www instead of @. This will direct www.yourdomainname.com
to the server's IP address, so that visitors can access your website with both yourdomainname.com
and www.yourdomainname.com
.
If you already had A records configured for your domain name, the changes will take some time until they propagate.
Use a DNS propagation tool like https://dnschecker.org/, or search the web for "dns propagation check" if this website is down in the future. Check both yourdomainname.com
and www.yourdomainname.com
. If all results point to your current instance's IP address, and not the old one, you're good to go. Don't worry about "Not resolved" errors, marked with an "x" sign. That doesn't mean there's something wrong on your side, just that the DNS resolver in that location is currently down for some reason.
Do not continue with this tutorial until DNS changes have propagated properly! You won't be able to set up SSL/TLS certificates to enable HTTPS encryption for your site until DNS records propagate to the servers that will check domain ownership
An introductory note may be helpful here. If you ever heard that Nginx is better than Apache, it's true and false at the same time. Nginx has a slight edge, when it comes to serving static content, such as simple HTML files. When it comes to dynamic content, such as PHP, that is no longer true. Furthermore, there is a lot of outdated information, recommending libapache2-mod-php5
to be installed, which forces Apache to run with mpm_prefork
. This uses a lot of memory, is slower and doesn't respond well to multiple simultaneous requests. You will use Apache with mpm_event and PHP-FPM, a combination which is modern, fast, and can handle multiple simultaneous requests efficiently (less memory used under stress and quicker response times).
Log in to your instance through SSH, as the root user. Upgrade all software packages.
apt update && apt upgrade
You may get a prompt about configuration files, like the one in the following picture.
Just press ENTER to select the default entry, "keep the local version currently installed."
Reboot the instance.
systemctl reboot
Wait 15 to 30 seconds and SSH back to the instance, logging in as root, once again.
Install the HTTP server, database server, PHP processor and some PHP plugins required by Osclass.
apt install apache2 mariadb-server php-fpm php-mysql php-gd php-xml php-zip php-curl
Run a script to restrict database features you do not require.
mysql_secure_installation
Enter current password for root (enter for none):
- Press ENTER here.
Set root password? [Y/n]
- Type n
and then press ENTER. In the latest versions of MariaDB, password logins for root are disabled by default anyway, so you don't need a password here.
To the rest of the questions, answer yes, by typing y
and then pressing ENTER:Remove anonymous users? [Y/n]
Disallow root login remotely? [Y/n]
Remove test database and access to it? [Y/n]
Reload privilege tables now? [Y/n]
Start editing a new configuration file.
nano /etc/apache2/sites-available/osclass.conf
Paste the following content and replace yourdomainname.com
and www.yourdomainname.com
with your actual domain name.
<VirtualHost *:80>
ServerName yourdomainname.com
ServerAlias www.yourdomainname.com
ServerAdmin your_email@yourdomainname.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Save the file: press CTRL+x, followed by y and then ENTER.
If you intend to enable so-called pretty links later on (https://example.com/for-sale
instead of https://example.com/index.php?page=search&sCategory=9
), you should instead add this content to /etc/apache2/sites-available/osclass.conf
.
<VirtualHost *:80>
ServerName yourdomainname.com
ServerAlias www.yourdomainname.com
ServerAdmin your_email@yourdomainname.com
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory /var/www/html/>
AllowOverride All
</Directory>
</VirtualHost>
Note however that "pretty links" are no longer considered important for SEO (search engine optimization).
Disable the default website configuration.
a2dissite 000-default.conf
Enable your newly created configuration.
a2ensite osclass.conf
Make sure Apache MPM event is enabled.
a2enmod mpm_event
Enable FastCGI module.
a2enmod proxy_fcgi setenvif
Enable default PHP FPM configuration.
a2enconf php7.0-fpm
The command above applies to Debian 9. Debian 10 will use a different version of PHP FPM. Type a2enconf php
then press TAB to autofill the correct value (which will probably be php7.3-fpm in Debian 10).
Restart Apache to apply changes.
systemctl restart apache2
Install Certbot.
apt install python-certbot-apache
Start procedure to install SSL/TLS certificate. Remember to replace yourdomainname.com
with the actual name of your domain.
certbot --apache -d yourdomainname.com -d www.yourdomainname.com
You will receive step by step instructions in the terminal. When prompted, enter your current personal email address, so that you can easily manage future certificate operations. Next, when you're presented with the terms, type "a" and ENTER to agree with them.
At this prompt:
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
press 2
and then ENTER to redirect all page visits to the HTTPS protocol, so that all sensitive data, like passwords, is encrypted in transit, between visitor and server.
Remove default HTML file.
rm /var/www/html/index.html
"Step into" the directory where web content is stored by default.
cd /var/www/html
You need wget
and unzip
for the next steps. Make sure they're installed.
apt install wget unzip
Visit the Osclass download page in your browser to find out the latest version available. At the moment of writing this tutorial, the download section is on the right side of the web page and looks like this:
You can pay whatever you want for the script, between $0 and $50. Move the slider to the desired value and continue. Once the file is downloaded, look in your browser's download list to find the exact address to the latest version of Osclass. For example, in Chrome you can press CTRL+J to go to your download history. Copy this address and use it in the next command.
For example, in this case, with the address highlighted in the picture, the command would be:
wget https://static.osclass.org/download/osclass.3.8.0.zip
Extract all files from this archive.
unzip *.zip
Remove archive.
rm -I *.zip
Make the www-data
user the owner of all files in /var/www/html
. This will allow Apache to modify contents here, which will in turn let Osclass update itself with the click of a button, automagically install plugins, and so on.
chown -R www-data: /var/www/html/
Open your browser and enter the name of your domain (e.g., example.com) that you previously configured to point to the IP address of your Alibaba ECS instance. You will be presented with a page like this:
Click the Install button and then Run the install from the bottom of the next page displayed.
Next, the install script expects the name, user and password of the database it will manage. Go back to the SSH session where you're logged in as root, and type:
mariadb
The command prompt will change to MariaDB [(none)]>
to indicate that you are logged in to the database server. Enter the following commands, one by one (not all at once). Replace database_name with the name you desire for your database. Replace user_name with the name you want for your database user and choose a good password for this user. Some of these variables appear in two places. You can see them highlighted in the following picture.
CREATE DATABASE database_name ;
CREATE USER user_name@localhost IDENTIFIED BY 'password' ;
GRANT ALL PRIVILEGES ON database_name.* TO user_name@localhost ;
exit
Don't forget to choose your own database name, username and password! It's better to first copy the previous section in a text editor, modify the variables and then paste them in your SSH session, one by one, to avoid mistakes.
Go back to the Osclass installation web page in your browser and fill in the details of the database, username and password you just chose.
In the last configuration step, freely choose your administrator username and password. You will use these to log in to the administrative backend of your site, where you can moderate ads, install plugins, change settings, and so on.
The "Web title" is the title you want to choose for your classified ad website. Use your personal email address for the "Contact e-mail."
After this step, your website is installed. You can visit the administrative backend by appending /oc-admin/index.php?page=login
to your domain name. For example, if your domain is example.com
, the URL to the administrative backend is example.com/oc-admin/index.php?page=login
or, the shorter variant, example.com/oc-admin/
.
First of all, you will need an email provider that allows you to send emails through the SMTP protocol. Not every provider follows the same standards, so you may have to adapt some of the connection settings you provide in Osclass, for the SMTP server. You will have to use a paid email service, geared specifically towards business use. Personal email accounts have a limit on the amount of emails that can be sent. Use a reputable service to make sure your emails go to people's Inbox folder, and not Spam.
Alibaba Cloud also offers an email service and you can use it with your domain name if you desire, even if this domain has been registered somewhere else. You can follow the steps in this tutorial to setup DirectMail for your domain name. Tips for things you may miss:
1. If your website visitors are outside of Asia, change DirectMail's location to Australia, before configuring the service. It's the only continent outside of Asia, currently available for DirectMail, though this may change in the future. This may decrease the risk of email getting marked as Spam.
2. Pay attention to the SMTP server address. This will be displayed in the "Sender Addresses" section. This depends on the location you used when configuring your DirectMail service. For example, if you used Singapore, it might look like this:
3. It's very important to configure a "Reply-To Address" if you also want to receive mail on an address. You would enter your personal address here, and whenever someone sends an email to, say, admin@example.com
, it will be redirected to youremail@yourprovider.com
.
After you get the required SMTP settings, like username, password, SMTP port number, encryption method, log in to the administrative backend of Osclass and go to Settings->Mail server, from the left side panel. Here, fill in connection details. For example, if you used Alibaba DirectMail as the provider, your settings might look like this:
Example entries:
smtpdm-ap-southeast-1.aliyun.com
your_email@yourdomain.com
80
here. Otherwise, use the port your email provider gave you. However, avoid using 25
as this is blocked. You will usually get one port for certificate encrypted communication, for example 465
, and another for non-encrypted communication (which can still become encrypted if the client sends a STARTTLS command to initialize encryption after initial connection). If Osclass has trouble using something like port 465
with your provider, just use the alternate port which doesn't use encryption by default.your_email@yourdomain.com
for DirectMail. Usually the same for a third party email provider.tls
and only change to ssl
and blank
if nothing else works. blank
is the worst choice though, since this means the password will be sent unencrypted to the server.Don't forget to periodically upgrade your server with apt update && apt upgrade
, reboot from time to time, and also upgrade Osclass from the administrative backend, to keep up with the latest security fixes.
As a quick and effective backup solution, you can use snapshots. Preferrably, setup automatic snapshots late into the night (say 4AM local time) so that you don't impact disk performance while your visitors are using your website.
Create Your Own Dedicated Server for Playing Counter Strike: Global Offensive (CS:GO)
2,599 posts | 762 followers
FollowAlibaba Cloud Community - February 28, 2022
Alibaba Clouder - February 14, 2020
Alibaba Clouder - July 3, 2018
Alibaba Clouder - January 10, 2019
Alibaba Clouder - July 18, 2019
Alibaba Clouder - July 18, 2019
2,599 posts | 762 followers
FollowElastic and secure virtual cloud servers to cater all your cloud hosting needs.
Learn MoreAn encrypted and secure cloud storage service which stores, processes and accesses massive amounts of data from anywhere in the world
Learn MoreLearn More
More Posts by Alibaba Clouder