Setting up a Virtual Private Server (VPS) from scratch is one of the most empowering skills a developer, system administrator, or tech-savvy business owner can learn. Unlike shared hosting where everything is pre-configured and locked down, a VPS gives you full root access and complete control over the operating system, software stack, and security posture. That freedom, however, comes with responsibility: you are responsible for installing, securing, and maintaining every component.
This complete guide walks you through the entire process of setting up a VPS from scratch, from choosing a provider and deploying an operating system to hardening security, installing a web server, and hosting your first website. Whether you are migrating from shared hosting or launching a brand-new project, by the end of this guide you will have a fully functional, secure server ready for production traffic.
Need a VPS to Follow Along?
InterServer VPS plans start at just $2.50/month with SSD storage, full root access, and instant deployment. Price-locked for life.
Step 1: Choose a VPS Provider and Plan
The first decision is where to host your VPS. There are dozens of providers, each with different strengths. For beginners and cost-conscious users, we recommend InterServer because of its transparent $2.50/month starting price, price-lock guarantee, and 16 operating system templates. Developers who need global data centers may prefer DigitalOcean or Vultr, while businesses already invested in the Amazon ecosystem might choose AWS Lightsail.
When comparing plans, look at four key resources:
- CPU (vCores): Determines how much processing power your server has. Entry-level plans typically offer 1 vCore, which is enough for a low-traffic website or development environment.
- RAM: The most common bottleneck. 1GB is the practical minimum for a web server with a database; 2GB or more is recommended for WordPress or production applications.
- Storage: Look for SSD or NVMe storage, which is dramatically faster than traditional HDD. Most modern providers include SSD by default.
- Bandwidth: The amount of data transfer included per month. 1TB is sufficient for most small to medium websites.
Step 2: Deploy Your Operating System
Once you have purchased a VPS plan, the provider's control panel will prompt you to choose an operating system. For most use cases, we recommend Ubuntu 22.04 LTS or Ubuntu 24.04 LTS. Ubuntu is the most widely used Linux distribution for servers, which means it has the largest community, the most tutorials, and the best software compatibility. Debian 12 is another excellent, stable choice.
After selecting your OS, the provider will deploy your server—usually within 30 to 90 seconds. You will receive an IP address and root credentials (either a password or an SSH key, depending on your setup). Write these down; you will need them immediately.
Step 3: Connect to Your VPS via SSH
SSH (Secure Shell) is the protocol you will use to administer your server from your local computer. On macOS and Linux, open a terminal. On Windows, use PowerShell, Windows Terminal, or a tool like PuTTY.
Connect to your server using the root account and the IP address provided by your host:
ssh root@your_server_ip
The first time you connect, you will see a warning about the authenticity of the host. Type yes and press Enter. Then enter your root password when prompted.
Step 4: Update the System
The very first thing you should do on a fresh server is update all installed packages to their latest versions. This patches known security vulnerabilities and ensures you are running the latest software.
apt update && apt upgrade -y
This command refreshes the package list and upgrades all outdated packages. The -y flag automatically answers "yes" to prompts. Depending on how old the base image is, this may take a few minutes.
Step 5: Create a Non-Root User
Running everything as the root user is a security risk. If an attacker gains access to your root account, they have unrestricted control over the entire server. Best practice is to create a regular user with sudo (administrative) privileges and use that account for daily work.
adduser deployuser
usermod -aG sudo deployuser
The first command creates a new user named deployuser and prompts you to set a password. The second adds the user to the sudo group, granting administrative privileges.
Step 6: Secure SSH Access
SSH hardening is critical. By default, SSH allows password-based root login, which is a prime target for brute-force attacks. You should disable root login and enforce key-based authentication.
First, generate an SSH key pair on your local machine (if you do not already have one):
ssh-keygen -t ed25519 -C "[email protected]"
Copy your public key to the new user on the server:
ssh-copy-id deployuser@your_server_ip
Then, log in as the new user and edit the SSH configuration:
sudo nano /etc/ssh/sshd_config
Change the following settings:
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
Save the file and restart SSH:
sudo systemctl restart ssh
Step 7: Configure a Firewall
A firewall controls which network traffic is allowed to reach your server. Ubuntu includes UFW (Uncomplicated Firewall) by default, which makes firewall management straightforward.
sudo ufw allow OpenSSH
sudo ufw allow 'Nginx Full'
sudo ufw allow 'Apache Full'
sudo ufw enable
The first command allows SSH traffic so you do not lock yourself out. The second and third allow HTTP (port 80) and HTTPS (port 443) traffic for Nginx and Apache respectively—enable only the one you plan to use. The final command activates the firewall. Verify the status with sudo ufw status.
Step 8: Install a Web Server
The two most popular web servers are Nginx and Apache. Nginx is lighter and faster for static content and is our recommended choice for most new setups. Apache is more widely compatible with older applications and has a simpler configuration for dynamic content via .htaccess files.
To install Nginx:
sudo apt install nginx -y
sudo systemctl start nginx
sudo systemctl enable nginx
Visit http://your_server_ip in a browser and you should see the default Nginx welcome page. To install Apache instead, substitute apache2 for nginx in the commands above.
Step 9: Install a Database (MySQL or MariaDB)
Most web applications require a database. MySQL and MariaDB (a community fork of MySQL) are the most popular choices for Linux servers.
sudo apt install mysql-server -y
sudo mysql_secure_installation
The second command runs an interactive script that removes insecure default settings. Answer "yes" to all prompts, set a strong root password, and remove the test database and anonymous user.
Step 10: Install PHP (for Dynamic Sites)
If you plan to run WordPress, Drupal, or any PHP-based application, you need PHP. For a complete LEMP stack (Linux, Nginx, MySQL, PHP), install PHP and the required extensions:
sudo apt install php-fpm php-mysql php-cli php-curl php-gd php-mbstring php-xml php-xmlrpc php-zip -y
Configure Nginx to process PHP files by editing your server block, then restart Nginx. Test that PHP is working by creating a file at /var/www/html/info.php with the content <?php phpinfo(); and visiting http://your_server_ip/info.php. Remove this file immediately after testing, as it exposes sensitive server information.
Step 11: Set Up Automatic Updates
Keeping your server patched is one of the most effective security measures you can take. Configure unattended-upgrades to automatically install security updates:
sudo apt install unattended-upgrades -y
sudo dpkg-reconfigure -plow unattended-upgrades
Step 12: Install Fail2ban
Fail2ban monitors your server logs and automatically bans IP addresses that show malicious behavior, such as repeated failed SSH login attempts. It is an essential layer of defense against brute-force attacks.
sudo apt install fail2ban -y
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
Verifying Your Setup
After completing all the steps above, your server should be ready for production. Here is a quick checklist to verify everything is in order:
| Component | Status Check Command | Expected Result |
|---|---|---|
| System updated | apt list --upgradable | No packages listed |
| Non-root user | groups deployuser | Contains "sudo" |
| SSH secured | sudo sshd -T | grep permitrootlogin | PermitRootLogin no |
| Firewall active | sudo ufw status | Status: active |
| Web server running | sudo systemctl status nginx | Active (running) |
| Database running | sudo systemctl status mysql | Active (running) |
| Fail2ban running | sudo systemctl status fail2ban | Active (running) |
Next Steps After Initial Setup
With your VPS now set up and secured, you are ready to deploy actual applications. The next logical steps are:
- Configure SSL certificates with Let's Encrypt to enable HTTPS (see our SSL configuration guide).
- Install WordPress or your preferred CMS (see our WordPress on VPS tutorial).
- Set up automated backups so you never lose data.
- Configure monitoring to alert you of downtime or resource issues.
- Optimize performance with caching and database tuning (see our VPS optimization guide).
Ready to Set Up Your Own VPS?
InterServer VPS starts at $2.50/month with full root access, SSD storage, 16 OS templates, and a price-lock guarantee. Deploy your server in under 60 seconds.
Affiliate Disclosure: VPSFeedX may earn a commission when you purchase through links on this page. This does not affect the price you pay or our recommendations.
