Install Nextcloud on VPS: Security Updates and Firewall

Learn how to install Nextcloud on your VPS, set up automated security updates, and configure a firewall – for a secure and reliable cloud solution.

nextcloudvpsfirewallinstallationsecurity updates

Why Nextcloud on a VPS?

Nextcloud gives you full control over your data. A VPS Server offers the flexibility and performance you need to run Nextcloud as you wish. You decide on storage, computing power, and security.

Preparation: Set Up the Server

Before starting, ensure your VPS runs a fresh Ubuntu 22.04 LTS. Connect via SSH and perform the following updates:

sudo apt update && sudo apt upgrade -y

Install Nextcloud

1. Set Up LAMP Stack

Install Apache, MariaDB, and PHP with the required modules:

sudo apt install apache2 mariadb-server php php-mysql libapache2-mod-php php-xml php-mbstring php-curl php-gd php-zip php-intl -y

2. Configure Database

Create a database and user for Nextcloud:

sudo mysql -u root -p
CREATE DATABASE nextcloud;
CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY 'YourSecurePassword';
GRANT ALL PRIVILEGES ON nextcloud.* TO 'nextcloud'@'localhost';
FLUSH PRIVILEGES;
EXIT;

3. Download Nextcloud

Download the latest version and extract it:

cd /var/www/
sudo wget https://download.nextcloud.com/server/releases/latest.zip
sudo unzip latest.zip
sudo chown -R www-data:www-data nextcloud
sudo chmod -R 755 nextcloud

4. Configure Apache

Create a virtual host configuration:

sudo nano /etc/apache2/sites-available/nextcloud.conf

Add the following content (replace your-domain.com with your domain):

<VirtualHost *:80>
    ServerAdmin admin@your-domain.com
    ServerName your-domain.com
    DocumentRoot /var/www/nextcloud
    <Directory /var/www/nextcloud/>
        Options +FollowSymlinks
        AllowOverride All
        Require all granted
    </Directory>
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Enable the site and mod_rewrite:

sudo a2ensite nextcloud.conf
sudo a2enmod rewrite
sudo systemctl restart apache2

Automated Security Updates

Set up unattended-upgrades so your server updates automatically:

sudo apt install unattended-upgrades -y
sudo dpkg-reconfigure --priority=low unattended-upgrades

Select "Yes" and configure the updates as desired. This keeps your system always up to date.

Configure Firewall

Use UFW (Uncomplicated Firewall) to allow only necessary ports:

sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw enable

If you use HTTPS, don't forget to open port 443 later.

SSL Certificate with Let's Encrypt

Install Certbot and obtain a free SSL certificate:

sudo apt install certbot python3-certbot-apache -y
sudo certbot --apache -d your-domain.com

Follow the instructions. Certbot automatically updates the Apache configuration and renews the certificate.

Additional Security Tips

  • Access Control: Use strong passwords and enable two-factor authentication.
  • Backups: Set up regular backups of your Nextcloud data.
  • Monitoring: Monitor your server with tools like Fail2ban.

With these steps, you run a secure Nextcloud instance on your VPS. If you don't have a VPS yet, check out our VPS Server – ideal for self-hosted cloud solutions.