Press Ctrl+K to search anytime

How-to

How to Setup an Ubuntu Linux Server: Complete Administration Guide

Hardening Linux Server Infrastructures

Setting up an Ubuntu server requires implementing robust access controls. Running a server under the default root credentials exposes it to major security risks. Always create dedicated admin users and enforce key-based SSH authentication to block unauthorized access.

Setting up Fail2Ban Brute Force Shielding

Fail2Ban is a daemon that scans log files for malicious traffic. If an IP address fails to authenticate multiple times, Fail2Ban updates your iptables firewall rules to block the source. Install it using apt:

sudo apt install fail2ban -y
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

Step-by-Step Instructions

1

Connect via SSH and Update Repositories

Connect to your server: "ssh root@server_ip". Run update commands to fetch the latest security patches: "sudo apt update && sudo apt upgrade -y".

2

Create a Non-Root Admin User

Create a secure user with admin privileges: "adduser username" followed by "usermod -aG sudo username".

3

Configure SSH Port and Disable Root login

Edit config file: "sudo nano /etc/ssh/sshd_config". Change the SSH port from 22 to a custom value, set "PermitRootLogin no", and restart sshd.

4

Configure UFW Firewall Settings

Allow your custom SSH port: "sudo ufw allow custom_port/tcp", allow HTTP/HTTPS ports, and enable the firewall: "sudo ufw enable".

5

Install Nginx Web Server Core

Deploy Nginx: "sudo apt install nginx -y". Confirm the service is active and running: "sudo systemctl status nginx".

Frequently Asked Questions

Port 22 is targeted by automated brute-force bots. Switching to a custom port helps mitigate unauthorized access attempts.
Generate keys on your local machine using ssh-keygen, then upload the public key using ssh-copy-id to disable password logins entirely.

Leave a Reply

Your email address will not be published. Required fields are marked *