Overview
iKVM
Secure Login
Network Cards
Hard drives
SSHFS
Basic DNS
Website DNS
Certbot SSL
Apache and PHP
Maria DB
Mail Server Basics
Mail Server SSL
Mail Server Filters
Checklist
Backup
iKVM
Secure Login
Network Cards
Hard drives
SSHFS
Basic DNS
Website DNS
Certbot SSL
Apache and PHP
Maria DB
Mail Server Basics
Mail Server SSL
Mail Server Filters
Checklist
Backup
Last updated: August 2025
Website Checklist
Note: This article series covers configuring Debian 12 for hosting multiple domains and web sites on a single dedicated server. As such, some strategies may be inappropriate for your environment. Sockets for example are appropriate for communication between services hosted on the same machine but not suited to a set up with distributed services (where you'd use ports). Please consult the overview for more information.
Here's a checklist to help you when you're setting up a website on your dedicated server.
Purchase your new domain name ('your_domain' in this article).
DNS
Make sure you've set up your domain name in named.conf.local:sudo nano /etc/bind/named.conf.local
zone "your_domain" {
type master;
file "/etc/bind/zones/your_domain.db";
};
Create your forward lookup zone (I recommend copying an existing file and then editing it accordingly):
sudo nano /etc/bind/zones/your_domain.db
; BIND data file for your_domain ; $TTL 14400 @ IN SOA your_domain. admin.your_domain. ( 2025082101 ; Serial 900 ; Refresh 600 ; Retry 86400 ; Expire 3600) ; Minimum TTL ; your_domain. IN NS ns1.your_primary_server_domain. your_domain. IN NS ns2.your_primary_server_domain. your_domain. IN MX 10 blnkserver.com. your_domain. IN A 74.201.177.83 www IN A 74.201.177.83 mail IN A 74.201.177.83 your_domain. IN TXT "v=spf1 mx ~all"Add your DNS name servers to your new domain in your domain name account.
Web site
Make a directory for your website (use your path):sudo mkdir /mnt/d1/www/your_domain
Upload your website files.
Add the insecure version (port 80) of your site to Apache:
sudo nano /etc/apache2/sites-available/your_domain.conf
<VirtualHost *:80>
ServerAdmin admin@your_domain
ServerName your_domain
ServerAlias *.your_domain
DocumentRoot /mnt/d1/www/your_domain
DirectoryIndex index.php
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Enable your site in Apache:
sudo a2ensite your_domain
Reload Apache to make sure it picks up the changes:
sudo systemctl reload apache2
Request your SSL certificates and upgrade your site to make it secure (notice I also request the mail sub-domain here to save time later):
sudo certbot --apache -d your_domain -d www.your_domain -d mail.your_domain
Remember Certbot will upgrade the site for you. Check it works by visiting www.your_domain in your browser.
Mail boxes
Postfix
Make sure your domain is specified in virtual_mailbox_domains. Edit main.cf:sudo nano /etc/postfix/main.cf
... virtual_mailbox_domains = domain1.com, your_domain ...Add the mail boxes to vmailbox:
sudo nano /etc/postfix/vmailbox
... admin@your_domain your_domain/admin/ ...Add any mail re-directions to valiases. Remember if you add a catch all then you need to specify every mail box:
sudo nano /etc/postfix/valiases
... @your_domain admin@your_domain admin@your_domain admin@your_domain ...Make sure your domain SSL certificate pair is specified in vcerts:
sudo nano /etc/postfix/vcerts
... mail.your_domain /etc/letsencrypt/live/your_domain/privkey.pem /etc/letsencrypt/live/your_domain/fullchain.pem ...Rebuild the databases so Postfix can use them:
Postmap /etc/postfix/vmailbox
Postmap /etc/postfix/valiases
Postmap -F /etc/postfix/vcerts
Restart Postfix to pick up the changes:
sudo systemctl restart postfix
Dovecot
Make sure there is a local_name block defining the SSL certificates to use for the mail services on your domain:sudo nano /etc/dovecot/conf.d/10-ssl.conf
...
local_name mail.your_domain {
protocol imaps {
ssl_cert = </etc/letsencrypt/live/your_domain/fullchain.pem
ssl_key = </etc/letsencrypt/live/your_domain/privkey.pem
}
protocol pop3s {
ssl_cert = </etc/letsencrypt/live/your_domain/fullchain.pem
ssl_key = </etc/letsencrypt/live/your_domain/privkey.pem
}
}
...
Add the usernames and passwords for your mailboxes in .users:
sudo nano /etc/dovecot/.users
...
admin@your_domain:{PLAIN}your_password::::::
...
Restart Dovecot to pick up the changes:
sudo systemctl restart dovecot
2025