Rodeo Five Staging Server

Rodeo Five staging server is a Digital Ocean droplet running Ubuntu 20.04 x64 with 4 vCPUs, 8GB memory, and 160GB storage. It is located in region NYC1, and its IP address is 161.35.4.236.

• peterstevens
• mikemckenna
• drewmckenna

• /etc/apache2/apache2.conf includes /etc/phpmyadmin/apache.conf
• /etc/apache2/sites-available/000-default.conf redirects to "https://161.35.4.236"
• Added /etc/apache2/conf-available/ssl-params.conf
• Set ServerName to IP address in /etc/apache2/apache2.conf
• /etc/apache2/sites-available/default-ssl.conf sets up *:443 virtual host.
• Set AllowOverride to All in /etc/apache2/apache2.conf

• Password authentication temporarily enabled on June 2, 2020.
• Empty passwords disabled
• Public key authentication enabled
• Root login disabled

• Created database rodeofive
• Created user admin
• Granted all privileges on rodeofive.* to admin
• Updated 'root'@'localhost' password

• Apache Full allowed
• OpenSSH allowed
• UFW disabled temporarily

• /etc/securetty was missing, preventing apache2 from restarting. It was replaced with a copy of the 19.04 default.

• /etc/phpmyadmin/config.inc.php AllowRoot was set to false and login type set to 'cookie'
• Set alias in /etc/phpmyadmin/apache.conf to /r5pma

• sshd jail enabled

• Apache2
• fail2ban
• PHP v7.4
• MySQL
• libapache2-mod-php7.4
• php7.4-mbstring
• php7.4-pdo
• php7.4-mysql
• phpmyadmin
• software-properties-common
• certbot
• fail2ban
• update
• logrotate

Repositories:

Universe

ppa:certbot/certbot is not required on 20.04

• Cannot connect to SFTP using key authentication. Workaround: temporarily enable SSH password authentication
• MySQL is using sha256_password which will be deprecated. Prefer caching_sha2_password.