U ovom uputstvu na CentOS 7 minimal instalaciji na nekom tamo VPS-u ćemo instalirati LAMP (Apache, MariaDB, PHP) kao i phpMyAdmin, postaviti osnovnu zaštitu kao što su promena ssh porta, osnovna firewall zaštita. U ovom primeru pretpostavićemo da je u pitanju jedan sajt, pa se nećemo igrati virtualnim hostovima i slično

# Update sistema
yum update -y

# Dodavanje non-Root korisnika, zabrana logina za root, promena porta
useradd kompjuteras
passwd kompjuteras
gpasswd -a kompjuteras wheel
su - kompjuteras
sudo sed -i s/"#PermitRootLogin yes"/"PermitRootLogin no"/g /etc/ssh/sshd_config
sudo sed -i s/"#Port 22"/"Port 53535"/g /etc/ssh/sshd_config
sudo systemctl reload sshd

# Zamena firewalld sa iptables: https://kompjuteras.com/kako-zameniti-firewalld-sa-iptables-om-na-centos-7/

##########################################################################################################
vi FIREWALL.sh #Dodati u fajl ovo ispod do tarabica
#!/bin/sh
service iptables stop
iptables -F
iptables -X
service iptables save
# Javni portovi        -------------------------------------------------------------------
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 53535 -j ACCEPT
# Per IP izmene                      -----------------------------------------------------
iptables -A INPUT -s 222.222.222.222 -p ICMP --icmp-type 8 -j ACCEPT #promeni svojom IP
# OSTALO -              ------------------------------------------------------------------
iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Drop svega sto nije ovo gore i reload
iptables -A INPUT -j DROP
service iptables save
service iptables restart
exit 0
###########################################################################################################

sudo chmod +x FIREWALL.sh
sudo ./FIREWALL.sh

# Instalacija LAMP i phpmyadmin
sudo rpm -iUvh http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
sudo yum install httpd mariadb-server mariadb php php-mysql phpmyadmin vim
sudo systemctl start httpd.service
sudo systemctl enable httpd.service
sudo systemctl start mariadb
sudo mysql_secure_installation
sudo systemctl enable mariadb.service
sudo vim /etc/httpd/conf.d/phpMyAdmin.conf #Izmeniti pristupne adrese
sudo systemctl restart httpd