This guide is meant for beginners, who have never created a VPS before

 

Creating a VPS is really straightforward. I have chosen Vultr* as my VPS provider, because they offer great performancebacked by benchmarks and have great support. There are also other VPS providers out there likeDigitalOcean or Linode, but this article focuses just on Vultr. Just to name a few of them.

Create your account

First of all you need to create an account on Vultr.

 

 

 

Create your VPS

After you are logged in, you will see the following Dashboard. Press on the blue plus button to create a new server.

Select your server type

Next you need to select your server type from the 4 existing ones.

Cloud Compute

The most common VPS type.

Our high performance compute instances are perfect for your web application or development environment.

High Frequency

If you need even better performance.

Instances are powered by high clock speed CPU's and NVMe local storage to power your most demanding applications.

Bare Metal

Sometimes also called Root servers. It's like if you would own a physical server, but located somewhere else.

Stay in full control of your environment with high performance single-tenant dedicated servers.

Dedicated Cloud

Kind of like Bare Metal, but not with dedicated hardware just for you, but with dedicated resources.

Say goodbye, noisy neighbors! Deploy cloud instances with dedicated CPU, SSD drives, and RAM just for you.

Select a server location

Depending where you live, you can select a region where your server should be located.

Select a operating system

In this step you can select your operating system (OS) for the server. I am most familiar with debian based OS like Debian or Ubuntu.Make sure to select a Long-term support (LTS) version of Ubuntu, to get security updates for 5 years after the initial release.

Vultr also has images with preinstalled application that could be used. If you don't find your OS on Vultr, they also support to uploadyour own ISO file.

 

 

Select the specs of your server

Now comes the most important part. In this step you have to decide how much resources do you need.

For small websites or web apps the 5$ instance should be enough to get started.The 10$ instance is probably a good choice if you alsoneed to host a database with PostgreSQL or MySQL.

If you ever think you current instance is sweating and can't handle the load anymore, Vultr allows to upgrade your serverto better plan with just 1 click!

 

 

Deploy your server

Last but not least you can give your server a hostname. After that you get a summery and you can press "Deploy Now" to create your server.

07 Vultr

Server overview

After some time your new server should be visible in the dashboard.

08 Vultr

Vultr will send you an Email with the IP of the server and how you can connect to it.

Connecting to the server

When you click on the server in the dashboard you will find an overview and more settings to interact with it.

You can copy the password for the root user using the copy symbol.

 

 

If you are using Windows you need to enable Windows Subsystem for Linux (WSL) ordownload Putty in order to connect to the server.

On a Linux or macOS (or Windows 10 with WSL) system you can just open the Terminal application and connect via SSH.

ssh This email address is being protected from spambots. You need JavaScript enabled to view it.
The authenticity of host '136.244.81.25 (136.244.81.25)' can't be established.
ECDSA key fingerprint is SHA256:E4VbM7b7i2jZO8aBgKSL1jfh6Td9Gv7TTswsSmGHc70.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '136.244.81.25' (ECDSA) to the list of known hosts.
This email address is being protected from spambots. You need JavaScript enabled to view it.'s password:
Welcome to Ubuntu 18.04.3 LTS (GNU/Linux 4.15.0-74-generic x86_64)

 * Documentation: https://help.ubuntu.com
 * Management: https://landscape.canonical.com
 * Support: https://ubuntu.com/advantage

  System information as of Wed Feb 12 13:01:10 UTC 2020

  System load: 0.0 Processes: 83
  Usage of /: 9.4% of 24.55GB Users logged in: 0
  Memory usage: 12% IP address for ens3: 136.244.81.25
  Swap usage: 0%

0 packages can be updated.
0 updates are security updates.

root@thanos:~#

 

 

 

Congratulations you now have successfully created a server on Vultr and connected to it!

When performing security research or connecting over untrusted networks, it’s often useful to tunnel connections through a VPN in a public cloud. This approach helps conceal your origin and safeguard your traffic, contributing to OPSEC when interacting with malicious infrastructure or traversing hostile environments.

One way to accomplish this is to set up your own VPN server, as an alternative to relying on a commercial VPN service. The following tutorial explains how to deploy the Algo VPN software bundle on DigitalOcean (the link includes my referral code). I like using DigitalOcean for this purpose because it offers virtual machines (VMs) for as little as $5 per month; also, I find it easier to use than other cloud services.

 

Algo VPN Overview

Algo VPN is an open-source software bundle designed for self-hosted VPN services. It was designed by the folks at Trail of Bits to be easy to deploy, rely only on modern protocols and ciphers, and provide reasonable security defaults. Also, it doesn’t require dedicated VPN client software for connecting from most systems and devices, because of native IPSec support. It also supports WireGuard.

To understand why its creators believe Algo VPN is a better alternative to commercial VPNs, the Streisand VPN bundle and OpenVPN, read the blog post that announced Algo’s initial release.  As outlined in the post, Algo VPN is meant “to be easy to set up. That way, you start it when you need it, and tear it down before anyone can figure out the service you’re routing your traffic through.”

 

Creating a DigitalOcean VM

To obtain an Internet-accessible system where you’ll install Algo VPN server software, you can create a “droplet” on DigitalOcean running Ubuntu with a few clicks. Do do that, click the dropdown button below the Ubuntu icon on the DigitalOcean “Create Droplets” page, then select an 18.04 x64 option, as shown below.

Accepting default options for the droplet should be OK in most cases. If you’re not planning to tunnel a lot of traffic through the system, selecting the least expensive size will probably suffice. Select the geographic region where the VM will run based on your requirements. Assign a hostname that appeals to you.

Once the new host is active, make a note of the public IP address that DigitalOcean assigns to it and log into it using SSH. Then run the following commands inside your VM to update its OS and install Algo VPN core prerequisites:

 

apt-get -y update
apt-get -y upgrade
apt install -y python3-virtualenv

 

Reboot the VM. At this point, you could harden the configuration of your VM, but these steps are outside the scope of this guide.

 

 

Installing Algo VPN Server Software

Next, obtain the latest Algo VPN server software on the newly-setup droplet and prepare for the installation by executing the following commands:

 

git clone https://github.com/trailofbits/algo
cd algo
python3 -m virtualenv --python=/usr/bin/python3 .env
source .env/bin/activate
python3 -m pip install -U pip virtualenv
python3 -m pip install -r requirements.txt

 

 Set up the username for the people who will be using the VPN. To accomplish this, use your favorite text editor, such as Nano or Vim, to edit the config.cfg file in the ~/algo directory:

 

vim config.cfg

 

If you wish, remove the lines that represent the default users phone, laptop, and desktop add your own (e.g., john) so that the corresponding section of the file looks like this:

 

users:
 - john

 

To improve your server’s security posture, consider setting enabling the unattended_reboot option so it looks like this:

 

unattended_reboot:
  enabled: true
  time: 06:00

 

Set the reboot time so it’s least likely to inconvenience you or otherwise interfere with the server’s operation.

Set the reboot time so it’s least likely to inconvenience you or otherwise interfere with the server’s operation.

 

./algo

 

When prompted by the installer, select the option to install “to existing Ubuntu 18.04 or 20.04 server.”

When proceeding with the installer, you should be OK  in most cases by accepting default answers. For example, when asked to enter “the IP address of your server,” press Enter to accept the default “localhost” value.

When asked about the public IP address of the server, enter the IP address assigned to your VM by DigitalOcean when you created the droplet.

After providing the answers, give the installer a few minutes to complete its tasks. Be patient. Once it finishes, you’ll see the “Congratulations!” message, stating that your Algo VPN server is running.

Be sure to capture the “p12 and SSH keys password for new users” that the installer will display at the end as part of the congratulatory message because you will need to use it later. Store it in a safe place, such as your password vault.

 

Configuring VPN Clients

Once you’ve set up the Algo VPN service, configure your VPN client. The Algo setup process generates VPN client configuration files that allow you to easily complete the setup. It stores the files in under ~/algo/configs in a subdirectory whose name matches your server’s IP address.

In most cases, start by installing the WireGuard VPN client for your OS (get the app for macOS, iOSAndroid, or Windows). Next:

  • For iOS and Android, use the WireGuard app to scan the QR code PNG image that Algo generated and placed in the wireguard subdirectory on your server.
  • For Windows and macOS (Mojave or later), use the WireGuard app to “Import tunnel(s) from file…” and point it to the .conf file that Algo generated and placed in the wireguard subdirectory on your server.

If you don’t want to install WireGuard on your iOS device, you can follow Algo’s instructions to configure the built-in IPSec VPN client for Apple devices.

If using the WireGuard VPN client, use it to activate your VPN tunnel.

 

Additional Considerations for Algo VPN

Before relying on VPN to safeguard your interactions with malicious infrastructure, be sure to confirm that it’s concealing the necessary aspects of your origin. If it’s working properly, the remote host should see the IP address of your VPN servers, instead of the IP address of your VPN client. Similarly, your DNS traffic should be getting directed through the VPN tunnel, concealing your client’s locally-configured DNS server. One way to validate this is to use whoer.net, comparing what information the site reveals before and after you activate your VPN connection. Also, confirm that you’re not leaking your origin over IPv6; one way to do that is by connecting to ipv6leak.com.

You can turn off your VM when you don’t need it. When you boot it up again, Algo VPN software will automatically launch in the background. If running the server for longer periods, you should implement security measures necessary appropriate for Internet-connected infrastructure.

As you use your Algo VPN, adversaries might begin tracking the server’s IP address and eventually blacklist it. Therefore, it’s a good idea to periodically destroy this DigitalOcean droplet and create a new one from scratch. This will not only change the server’s IP address but also ensure that you’re running the latest version of VPN software and its dependencies. Unfortunately, after you do this, you’ll need to re-import VPN configuration details to match the new server’s IP address and certificate.

Trending Now

Post Gallery

Create your first VPS on Vultr

CaveToKingdom - Protect your kingdom, sell and buy goods and make some money

Deploying Your Own Algo VPN Server in the DigitalOcean Cloud

11 easy ways to earn rewards on Swagbucks

Earn some money with LifePoints surveys

Goaltycoon - the game that you have the possibility to convert your virtual currency into real money