Setting up and Securing Ubuntu server with a Basic Firewall
Last Updated : 11 Aug, 2021
VPS(Virtual Private Servers) are commonly used to host and serve many types of services. There are many providers that provide virtual servers. Many of these provide VPS’s with their custom-built Linux OS which is lightweight compared to their desktop versions. These OS have built-in security but we can make them better. This article helps you to set up a secure Ubuntu VPS server.
Disabling Root User
Now, after you create your VPS, login into the root account using SSH. The root account in Ubuntu has almost all the privileges to all the processes and data. Disabling root users makes VPS less vulnerable. Before you disable the root user, we must first create a new user and add sudo rights to that user.
ssh root@<your-vps-ip>
To create a new user and add admin rights, follow the commands below before they update ubuntu packages
sudo apt update && sudo apt upgrade sudo adduser admin usermod -aG sudo admin
The first command instructs Ubuntu to create a new user. It asks for basic details and passwords. After you complete it, a new user admin is created. The second command adds the “admin” user to sudo group.
adding new users
After creating a new user, we need to share ssh keys with the newly created user using the Rsync command.
rsync --archive --chown=admin:admin ~/.ssh /home/admin
If the commands run successfully, log out of the root user account and again login into the newly created admin user account, and open sshd config file using any terminal editor like nano (or) vim. You can use the commands below
ssh admin@<your-vps-ip> sudo nano /etc/ssh/sshd_config
This will open the SSH config file. In the file, you need to comment on a line which is “PermitRootLoginnew yes” and add a new line that is “AllowUsers Admin” at the end of the file.
//comment out the below line #PermitRootLogin yes . . //Add this at the end of the file AllowUsers admin
commenting out the line
adding new line
After adding the new line, exit from the editor, and restart ssh, you can use the below command which will block access to every user except the admin.
sudo service restart ssh
Setting up UFW
Uncomplicated Firewall(UFW) is a default program for managing a firewall in Ubuntu systems. It uses a command-line interface consisting of simple commands which can be found using man ufw. UFW is available by default on all the latest Ubuntu installations. UFW protects the server along with IPtables(An IP packet filter). If you are using your VPS for hosting your website, it’s better you only allow ports 22(SSH), 80(HTTP), 443(HTTPS). You can do that by running the command below.
sudo ufw allow OpenSSh sudo ufw allow 80 sudo ufw allow 443 //starts the firewall sudo ufw enable
allowing port 80
After adding all three lines, you can check your firewall status using the below command.
sudo ufw status
firewall active
This way, you can set up and secure your server before working on it. Some other things you need to do regularly are:-
- Keep the system up to date
- Remove unused packages
- Make your application secure
- Using strong passwords
- Disable IPv6 if you don’t use it
- Always use SSH, SFTP
- Encrypt your data at rest
- Monitor your logs
- It’s better to keep Cloudflare before your VPS
Similar Reads
Setting Up and Configuring a Linux Mail Server
Setting up and configuring a Linux mail server is a crucial task for individuals and organizations seeking to manage their email communication efficiently and securely. This article will guide you through the process of establishing a robust mail server on a Linux system, covering essential steps su
7 min read
How to Set Up Apache Web Server in AWS EC2 Linux (Ubuntu) Instance?
In this article, we will look into the process of setting up Apache Web Server in AWS EC2 Linux Instance.This tutorial has been done on a system running Windows 10 Home (Version 20H2). Implementation:The steps taken to complete this tutorial are being stated below: Step 1: Go to portal.aws.amazon.co
4 min read
How to install and configure Nginx Web Server on Godaddy VPS (Ubuntu)?
GoDaddy Server is a cloud-based hosting platform that consists of virtual and dedicated servers. The premium service includes weekly backups, 99% uptime, 24x7 Customer Support, a free encrypted SSL certificate, unlimited bandwidth, and SSD storage. For regular users, the latest generation is VPS Gen
2 min read
How to setup and configure an FTP server in Linux?
FTP (file transfer protocol) is an internet protocol that is used for transferring files between client and server over the internet or a computer network. It is similar to other internet protocols like SMTP which is used for emails and HTTP which is used for websites. FTP server enables the functio
9 min read
How to setup and configure an FTP server in Linux?
FTP (file transfer protocol) is an internet protocol that is used for transferring files between client and server over the internet or a computer network. It is similar to other internet protocols like SMTP, which is used for emails, and HTTP, which is used for websites. FTP server enables the func
13 min read
What is a Linux Server and Why use it
A Linux server is a computer running the Linux operating system designed to serve various functions, such as hosting websites, managing databases, and handling network services. In this article, we'll explore what Linux servers are and delve into the reasons why they are widely used in enterprise en
9 min read
How to install and setup the OpenVPN server on Ubuntu/Debian?
A VPN is a tool that acts as a middleman between you and the Internet that you browse. Whatever you do online, the VPN acts as a connecting bridge between your computer and the Internet. To the services that you are using, for example - visiting a website), to them, it appears as if your VPN is the
6 min read
How to Install Ubuntu Server Edition with LXD Containers?
Managing several types of isolated environments on a single host is made possible with Ubuntu Server Edition installed in LXD containers for the system requirement. The Ubuntu team developed and maintained all the LXD container systems by following the practical implementation. A hypervisor service
4 min read
How to Secure Your Linux Server Using UFW Firewall?
Maintaining a dependable operating system and safeguarding all the internal data require secure Linux server systems. Setting up a strong firewall management system is one of the easiest and most efficient ways to protect the security of the server. A user-friendly GUI for the potent Linux firewall
6 min read
Linux SSH Server (sshd) Configuration and Security Options With Examples
SSH is short for Secure Shell or Secure Socket shell. According to Wikipedia, the Secure Shell Protocol is a cryptographic network protocol for operating network services securely over an unsecured network. sshd is short for Secure shell daemon. SSH is one of the most reliable ways that you can choo
3 min read