Due to the fact that many VPN services (mainly free ones) are as dangerous as browsing without a VPN, we have decided to prepare a basic guide on how to create your own VPN. For what? well for bypass censorship or geo-restrictions on some websites and browse safely when using public Wi-Fi networks.
Of course, the method that we are going to teach you to create your own VPN, which consists of configuring an OpenVPN server in a VPS, will not make your internet connection 100% anonymous. In addition, your bandwidth will be limited and you will have to pay monthly for the VPS, although it is cheaper than hiring a third-party VPN service.
With the main pros and cons exposed, if you still like this idea, come with us to see how to create your own VPN service. We have made the guide as simple as possible so that you do not get overwhelmedas setup requires a bit of work and familiarity with concepts that the average user may not understand.
The first thing you have to do is create a VPS (virtual private server), which is the Linux virtual machine on which your VPN server will run. There are many VPS providers, but we particularly recommend Linode as it is not a very complicated option. Here are the steps to create your VPS on Linode:
- go to linode’s website and create an account.
- Once you have an account, click here to start creating the server.
- In the Distributions section, select the newest version of Ubuntu LTS. Below this option, choose the server region (you can change it later by contacting Linode support).
- In the part where they make you choose a plan, press the option 1GB Nano for SharedCPU. Remember that VPNs do not require a lot of processing power, so that plan will suffice.
- Finally, enter a password in the box root password. Then, hit the Create button to finish creating the VPS.
Ready! You already have a server that you can run a VPN on. To do this, you must configure the VPS in this way:
- Open your VPS tab on Linode and tap on launch console (this option is at the top).
- This will open a Terminal where you will be asked to log in. In “localhost logging” enter root and press the Enter key. In “Password” put the password that you had previously created and press Enter.
- You will see a welcome message with all the data of the server. After that, enter this command: wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh
- Now, you will be asked for your IP address, which protocol to use, and other information. Press Enter when asked for the protocol and the DNS server, but when it asks for the port, enter 443.
- After doing this, the necessary software to run a VPN will be installed. At the end of the installation, an .ovpn file will be created in the “root” folder of the server It contains your VPN connection and login information, so you need to extract it. To do this, create a web server by entering the following command: python3 -m http.server 80
- Next, copy the IP address of your VPS (appears in the file of the same in Linode).
- Paste the IP address of the server into your PC’s browser (without any https or http) and press Enter to access. Click on the file that ends in .ovpn To download it.
The OVPN file allows anyone to connect to your VPN, so keep it safe. If you think someone is accessing your VPN without your permission, run the VPN setup command again (the one that ends with “openvpn-install.sh”) to revoke the existing file and generate a new one.
How to secure your VPN server
You have already successfully created your own VPN, but don’t think you are done. There are still a few things you should do to reduce possible security vulnerabilities of the VPS server. The first thing we recommend you to do is activate the automatic updates of the server in this way:
- Enter the following command to install any available updates: apt update && apt upgrade -y
- Now, run this command to turn on automatic updates: apt install -y unattended-upgrades
Ready! The next thing you need to do is disable SSH access so that no person (including you) can access the server, except from the Linode Terminal. Thus, you will prevent strangers from trying to access your server by force. How to disable SSH access? This way:
- Run this command so that the SSH service does not start when the server boots: systemctl disable ssh.service
- Then stop the currently running SSH service with this command: systemctl stop ssh.service
With this you have made your server only accessible from the Linode console. If you want to reverse this action later, simply run these commands: systemctl enable ssh.service
and systemctl start ssh.service.
The last recommendation we can give you is enable two-step authentication for your Linode account. That way, it will be more difficult for attackers to gain access to your server. You can get this extra layer of protection with an app like Google Authenticator or Authy.
How to connect to your own VPN
If you followed the steps above, you already have your own VPN running and protected, as well as an .ovpn file in your possession. So, it’s time to connect to the VPN with OpenVPN. In this case, we will explain how to do it from an Android device. The only thing you will need is to have the .ovpn file in your Android storage and install the OpenVPN app.
Do you already have what it takes? Follow these steps to connect to the VPN:
- Open the OpenVPN app and tap the import button (It’s at the top and has a box icon.)
- Find the .ovpn file in your Android storage, select it, and then tap Save.
- Now, on the main screen of the app, you will see that a new connection option appears. press it and that’s it you will be connected to your own VPN.
That’s it! Start enjoying your VPN, doing all the tests you want. Remember that if something goes wrong with the VPN, you can go to the VPS server tab in Linode and select Running > Reboot to restart the VPN. In this way, bugs or unknown errors are usually easily solved.
And if you don’t want to keep having your own VPN, just go to Linode, select the VPN server, go into the settings and click on Delete Linode.
Anyway, that’s all you need to know when creating your own VPN. As you will see, doing this is easier than it seems, although what you get is a basic VPN that is not that functional such as the VPN service offered by companies. However, for certain uses, your own VPN can be very useful and much cheaper than third-party VPNs.