Things to do after installing ubuntu #server

on

 After installing Ubuntu Server, there are several important steps you should take to ensure your server is secure, up-to-date, and configured for your specific needs. Here's a checklist of tasks to consider:


1. **Update and Upgrade the System**:

   ```sh

   sudo apt update

   sudo apt upgrade -y

   sudo apt dist-upgrade -y

   sudo apt autoremove -y

   ```


2. **Set the Timezone**:

   ```sh

   sudo dpkg-reconfigure tzdata

   ```


3. **Create a New User with Sudo Privileges**:

   ```sh

   sudo adduser newuser

   sudo usermod -aG sudo newuser

   ```

   Replace `newuser` with your preferred username.


4. **Secure SSH Access**:

   - **Disable Root Login**:

     ```sh

     sudo nano /etc/ssh/sshd_config

     ```

     Set `PermitRootLogin no` and restart SSH:

     ```sh

     sudo systemctl restart ssh

     ```

   - **Change the Default SSH Port** (optional):

     ```sh

     sudo nano /etc/ssh/sshd_config

     ```

     Change the port number (e.g., `Port 2222`) and restart SSH:

     ```sh

     sudo systemctl restart ssh

     ```


5. **Configure a Firewall**:

   ```sh

   sudo ufw allow OpenSSH

   sudo ufw enable

   sudo ufw status

   ```


6. **Install Fail2Ban to Protect Against Brute-Force Attacks**:

   ```sh

   sudo apt install fail2ban

   sudo systemctl enable fail2ban

   sudo systemctl start fail2ban

   ```


7. **Set Up Unattended Upgrades**:

   ```sh

   sudo apt install unattended-upgrades

   sudo dpkg-reconfigure --priority=low unattended-upgrades

   ```


8. **Install and Configure a Web Server** (if needed):

   - **Apache**:

     ```sh

     sudo apt install apache2

     sudo ufw allow 'Apache Full'

     ```

   - **Nginx**:

     ```sh

     sudo apt install nginx

     sudo ufw allow 'Nginx Full'

     ```


9. **Install a Database Server** (if needed):

   - **MySQL/MariaDB**:

     ```sh

     sudo apt install mysql-server

     sudo mysql_secure_installation

     ```

   - **PostgreSQL**:

     ```sh

     sudo apt install postgresql postgresql-contrib

     ```


10. **Set Up Swap Space** (if needed):

    ```sh

    sudo fallocate -l 4G /swapfile

    sudo chmod 600 /swapfile

    sudo mkswap /swapfile

    sudo swapon /swapfile

    sudo nano /etc/fstab

    ```

    Add the line: `/swapfile none swap sw 0 0`


11. **Install Essential Software**:

    ```sh

    sudo apt install build-essential curl wget git

    ```


12. **Configure Automatic Backups**:

    Set up a backup strategy using tools like `rsync`, `duplicity`, or a cloud-based solution.


13. **Monitor System Performance and Logs**:

    - Install and configure monitoring tools like `htop`, `glances`, `vnstat`, and `logwatch`.

    - Consider setting up a more comprehensive monitoring solution like Nagios, Zabbix, or Prometheus.


14. **Enable and Configure AppArmor or SELinux** (if security is a priority):

    - AppArmor is enabled by default on Ubuntu, but you can ensure it’s active and configure profiles as needed.

    - SELinux can be installed and configured, though AppArmor is more commonly used on Ubuntu.


By following these steps, you'll ensure that your new Ubuntu Server installation is secure, functional, and ready for any specific applications or services you need to run.

Comments

Post a Comment