Essential Commands for Linux & Windows Servers
sudo apt update && sudo apt upgrade -y
sudo adduser newuser
sudo usermod -aG sudo newuser
sudo apt install nginx -y
sudo systemctl start nginx
sudo systemctl enable nginx
curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh
sudo usermod -aG docker $USER
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw enable
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash
source ~/.bashrc
nvm install node
sudo apt install mysql-server -y
sudo mysql_secure_installation
sudo apt install php php-fpm php-mysql php-curl php-gd php-mbstring php-xml php-zip -y
sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx -d yourdomain.com
sudo apt install git -y
git config --global user.name "Your Name"
git config --global user.email "your@email.com"
sudo apt install htop ncdu -y
htop # Interactive process viewer
df -h # Disk usage
free -h # Memory usage
crontab -e
# Add this line for daily backup at 2 AM:
# 0 2 * * * /path/to/backup-script.sh
sudo apt install python3 python3-pip python3-venv -y
python3 -m venv myenv
source myenv/bin/activate
sudo rsync -avz --exclude='/proc' --exclude='/sys' --exclude='/dev' / /backup/
uname -a # System info
lscpu # CPU info
lsblk # Block devices
systemctl status # Service status
sudo apt install redis-server -y
sudo systemctl start redis
sudo systemctl enable redis
redis-cli ping
sudo apt install fail2ban -y
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo systemctl start fail2ban
sudo systemctl enable fail2ban
wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | sudo apt-key add -
echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/6.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-6.0.list
sudo apt update
sudo apt install mongodb-org -y
sudo nano /etc/logrotate.d/myapp
# Add these lines:
# /var/log/myapp/*.log {
# daily
# missingok
# rotate 30
# compress
# notifempty
# }
sudo apt install postfix mailutils -y
sudo dpkg-reconfigure postfix
echo "Test email" | mail -s "Test Subject" user@domain.com
sudo fallocate -l 2G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
echo "deb https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
sudo apt update
sudo apt install elasticsearch -y
ssh-keygen -t rsa -b 4096 -C "your_email@domain.com"
mkdir -p ~/.ssh
chmod 700 ~/.ssh
cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
sudo apt update
sudo apt install openjdk-11-jdk jenkins -y
sudo apt install postgresql postgresql-contrib -y
sudo systemctl start postgresql
sudo systemctl enable postgresql
sudo -u postgres createuser --interactive
sudo -u postgres createdb mydatabase
sudo nano /etc/nginx/sites-available/loadbalancer
# Add upstream configuration:
# upstream backend {
# server 192.168.1.10:80;
# server 192.168.1.11:80;
# }
sudo ln -s /etc/nginx/sites-available/loadbalancer /etc/nginx/sites-enabled/
sudo nginx -t
sudo apt install vsftpd -y
sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.bak
sudo systemctl start vsftpd
sudo systemctl enable vsftpd
sudo ufw allow 20/tcp
sudo ufw allow 21/tcp
wget https://repo.zabbix.com/zabbix/6.0/ubuntu/pool/main/z/zabbix-release/zabbix-release_6.0-4+ubuntu20.04_all.deb
sudo dpkg -i zabbix-release_6.0-4+ubuntu20.04_all.deb
sudo apt update
sudo apt install zabbix-agent -y
sudo nano /usr/local/bin/backup.sh
# Add backup script content
sudo chmod +x /usr/local/bin/backup.sh
# Add to crontab: 0 2 * * * /usr/local/bin/backup.sh
crontab -e
sudo apt install memcached libmemcached-tools -y
sudo systemctl start memcached
sudo systemctl enable memcached
echo "stats" | nc localhost 11211
systeminfo
Get-ComputerInfo
Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServerRole
Enable-WindowsOptionalFeature -Online -FeatureName IIS-WebServer
New-NetFirewallRule -DisplayName "Allow HTTP" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow
New-NetFirewallRule -DisplayName "Allow HTTPS" -Direction Inbound -Protocol TCP -LocalPort 443 -Action Allow
Set-ExecutionPolicy Bypass -Scope Process -Force
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072
iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1'))
New-LocalUser -Name "newuser" -Password (ConvertTo-SecureString "Password123!" -AsPlainText -Force)
Add-LocalGroupMember -Group "Administrators" -Member "newuser"
choco install git -y
git config --global user.name "Your Name"
git config --global user.email "your@email.com"
choco install nodejs -y
node --version
npm --version
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
choco install python -y
python --version
pip --version
sfc /scannow
chkdsk C: /f /r
Get-EventLog -LogName System -Newest 10
$action = New-ScheduledTaskAction -Execute "C:\path\to\script.bat"
$trigger = New-ScheduledTaskTrigger -Daily -At "2:00AM"
Register-ScheduledTask -Action $action -Trigger $trigger -TaskName "MyTask"
Get-Process | Sort-Object CPU -Descending | Select-Object -First 10
Get-Counter "\Processor(_Total)\% Processor Time"
Get-WmiObject -Class Win32_LogicalDisk
choco install sql-server-express -y
choco install sql-server-management-studio -y
ipconfig /all
netstat -an
Test-NetConnection -ComputerName google.com -Port 80
wbadmin start backup -backupTarget:D: -include:C: -quiet
Checkpoint-Computer -Description "Pre-update backup"
choco install docker-desktop -y
# Enable Windows containers
Enable-WindowsOptionalFeature -Online -FeatureName containers -All
wsl --install
wsl --set-default-version 2
wsl --install -d Ubuntu
choco install vscode -y
choco install vscode-powershell -y
choco install vscode-python -y
Set-MpPreference -DisableRealtimeMonitoring $false
Update-MpSignature
Start-MpScan -ScanType QuickScan
choco install redis-64 -y
redis-server --service-install
redis-server --service-start
Enable-WindowsOptionalFeature -Online -FeatureName IIS-ASPNET45
Enable-WindowsOptionalFeature -Online -FeatureName IIS-NetFxExtensibility45
Enable-WindowsOptionalFeature -Online -FeatureName IIS-ISAPIExtensions
choco install mongodb -y
mkdir C:\data\db
mongod --dbpath C:\data\db --install
net start MongoDB
wevtutil sl Security /ms:1024000
wevtutil sl Application /ms:1024000
Get-WinEvent -LogName Security -MaxEvents 10
choco install postgresql -y
choco install pgadmin4 -y
# Service will start automatically
Enable-WindowsOptionalFeature -Online -FeatureName WindowsServerBackupSnapin
wbadmin enable backup -addtarget:D: -include:C: -schedule:02:00
choco install nginx -y
# Start nginx service
Start-Service nginx
w32tm /config /manualpeerlist:"time.windows.com" /syncfromflags:manual /reliable:yes /update
w32tm /resync
w32tm /query /status
Enable-WindowsOptionalFeature -Online -FeatureName IIS-FTPServer
Enable-WindowsOptionalFeature -Online -FeatureName IIS-FTPExtensibility
Import-Module WebAdministration
logman create counter PerfLog-System -o C:\perflogs\system.blg -f bincirc -max 500 -c "\Processor(_Total)\% Processor Time" "\Memory\Available MBytes"
logman start PerfLog-System
choco install openjdk -y
choco install maven -y
java -version
mvn -version
A VPS (Virtual Private Server) is a virtualized server that provides you with dedicated resources and root access at a fraction of the cost of a physical server. You need a VPS for hosting websites, running applications, development environments, or when shared hosting limitations become restrictive.
Linux VPS is generally recommended for beginners due to lower costs, better performance, extensive documentation, and stronger security. However, choose Windows VPS if you need to run .NET applications, use Microsoft SQL Server, or prefer a GUI interface.
Essential security steps include: updating the system, changing default passwords, setting up a firewall (UFW for Linux, Windows Firewall for Windows), disabling root login, using SSH keys instead of passwords, installing fail2ban, and keeping software updated regularly.
For a basic web server: 1GB RAM, 1 CPU core, 20GB SSD storage, and 1TB bandwidth. For higher traffic sites: 2-4GB RAM, 2+ CPU cores, 40GB+ SSD storage. Always choose SSD over HDD for better performance.
Create automated daily backups for critical data and weekly full system backups. Store backups in multiple locations (local and remote). Test backup restoration regularly to ensure they work when needed.
Yes, most VPS providers allow you to upgrade RAM, CPU, and storage. Upgrades typically require a reboot and may have brief downtime. Some providers offer hot upgrades for certain resources without downtime.
Use htop for real-time monitoring, netdata for web-based monitoring, nagios for comprehensive monitoring, and set up log monitoring with tools like logwatch. Many hosting providers also offer built-in monitoring dashboards.
Check running processes with 'top' or 'htop', monitor disk I/O with 'iotop', check memory usage with 'free -h', analyze logs for errors, and identify resource-hungry applications. Consider upgrading resources or optimizing applications if needed.
For Linux: Use 'netstat -tuln' or 'ss -tuln' to see listening ports. For Windows: Use 'netstat -an' or 'Get-NetTCPConnection' in PowerShell. You can also use 'nmap localhost' on both systems to scan open ports.
Root is the superuser account with complete system access. Sudo allows regular users to execute commands with root privileges temporarily. It's safer to use sudo than logging in as root directly, as it provides better audit trails and reduces security risks.
Linux uses systemctl: 'systemctl start/stop/restart/status servicename'. Windows uses services.msc GUI or PowerShell: 'Start-Service', 'Stop-Service', 'Restart-Service', 'Get-Service'. Both systems allow you to enable/disable services for automatic startup.
First, identify large files with 'du -sh /*' (Linux) or 'Get-ChildItem -Recurse | Sort Length -Descending' (Windows). Clean log files, temporary files, and old backups. Consider adding more storage, enabling log rotation, or moving data to external storage solutions.
Linux: Install 'unattended-upgrades' package and configure it, or use cron jobs. Windows: Enable Windows Update via 'sconfig' or Group Policy, or use PowerShell 'Install-Module PSWindowsUpdate'. Always test updates in staging before production.
Use strong, unique passwords (12+ characters with mixed case, numbers, symbols). Enable two-factor authentication when possible. For SSH, use key-based authentication instead of passwords. Change default passwords immediately and avoid using the same password across services.
Linux: Use 'htop', 'top', 'iotop' for processes, or 'vmstat' for system stats. Windows: Use Task Manager, Resource Monitor, or PowerShell 'Get-Counter' cmdlets. Set up monitoring tools like Nagios, Zabbix, or cloud provider monitoring for continuous tracking.
Not natively on the same OS. However, you can use Docker containers, virtual machines (VMware, VirtualBox), or Windows Subsystem for Linux (WSL) on Windows. Cloud providers also offer nested virtualization for running multiple OS environments.
Start with 'ping google.com' to test internet connectivity. Use 'traceroute' (Linux) or 'tracert' (Windows) to trace network path. Check DNS with 'nslookup' or 'dig'. Verify firewall rules and ensure required ports are open. Test specific services with 'telnet hostname port'.
Change default SSH port (22), disable root login, use SSH keys instead of passwords, enable fail2ban, whitelist specific IP addresses, and use tools like Google Authenticator for 2FA. Regularly monitor auth logs and keep SSH software updated.
Popular options include MySQL, PostgreSQL, MongoDB, or SQL Server. Install via package managers (apt, yum, choco), secure the installation, create databases and users, configure remote access if needed, and set up regular backups. Always use strong passwords and limit access.
Try accessing via console through your hosting provider's panel. Check system resources, running processes, and log files. Restart hung services or reboot if necessary. Monitor for recurring issues and consider upgrading resources or optimizing applications causing problems.
Linux/Nginx: Create separate server blocks in /etc/nginx/sites-available/. Apache: Use virtual hosts. Windows/IIS: Add multiple sites in IIS Manager. Each domain needs its own configuration file, document root, and potentially SSL certificates. Test configurations before going live.
Containers (Docker) provide consistent environments, easy scaling, resource isolation, quick deployment, and portability between development and production. They're lighter than VMs, enable microservices architecture, and simplify dependency management across different applications.