Abhijeet Jaiswal

Initial setup of a fresh Ubuntu server

server
3 min read

Wondering what are some of the very first things to be done on an Ubuntu server before you start setting up your server to host your apps.

I guess you have come up with a solution to use Ubuntu as your server and have signed up for your dedicated or VPS Ubuntu server. Now you are wondering what are some of the very first things to be done on a Ubuntu server. Don't worry! I have recently been in the same situation where I was setting up my new VPS and wondering the same and had to go through a few articles.

I'll save quite some time of yours so that you can quickly do some important configurations and then take your app online rather than spending time reading up articles on first things to do on an Ubuntu server.

Prerequisites

  • Plan your use case and pick an Ubuntu server - dedicated or VPS
  • Setup a strong root password
  • Access to the server over SSH or GUI

5 first things for a beginner to do on an Ubuntu server:

Before you start setting up your server to host your web app, microservices, database, etc., these would be some of the very basic tweaks I would recommend that you do to your Ubuntu installation:

1. Update the existing Ubuntu packages to the latest versions

sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get autoremove -y && sudo apt-get clean -y

You can read more on this in the article about updating Ubuntu packages.

2. Update the existing Ubuntu packages to the latest versions

Believe me, it's very important as many apps require non-root users to install and also you don't want everything other programs to run under the root user with the highest privileges.

Create the user:

useradd <username>

Set password for the new user:

passwd <username>

Grant sudo privileges to the newly created user:

usermod -aG sudo <username>

3. Copy the authorized SSH keys from the root to the new user

Login as root and then copy your already authorized SSH keys from the root user to the newly created user (only needed when the new user is going to use the same device to SSH into the server mostly yourself). We will be mostly using the new user to set up the server for our apps rather than root itself.

rsync --archive --chown=<username>:<username> ~/.ssh /home/<username>

4. Enable firewall

Ubuntu comes up with a built-in firewall - UFW. We will check its status and then only open the ports that our apps need - NOTHING MORE.

Enable firewall

sudo ufw enable

Check the status of the firewall

sudo ufw status

List the app configurations that UFW knows

sudo ufw app list

Open ports as needed (below opens port 80)

sudo ufw allow 80

5. Securing access to the server:

Open the SSH config file

sudo vi /etc/ssh/sshd_config

Find the below lines in the SSH config and update as required to match the below values:

IgnoreRhosts yes
PermitRootLogin prohibit-password
PasswordAuthentication no
PermitEmptyPasswords no

Save and exit the SSH config file

Esc -> :wq or :x to quit vi

Restart the SSH service for the changes to take effect

/etc/init.d/ssh restart

Now exit the server and test the SSH access from the new user that you created