How to Secure an Ubuntu Linux Server for Production
Securing a production Linux server is one of the most important responsibilities of a system administrator. A poorly configured server can become an easy target for brute-force attacks, malware, unauthorized access, and service disruption.
In this guide, Iโll share essential steps to harden and secure an Ubuntu server for production environments.
1. Update Your Server Regularly
Always keep your system packages updated to patch security vulnerabilities.
sudo apt update && sudo apt upgrade -y
You should also remove unused packages:
sudo apt autoremove -y
2. Create a Non-Root User
Avoid using the root user directly for daily administration tasks.
Create a new user:
sudo adduser adminuser
Add the user to the sudo group:
sudo usermod -aG sudo adminuser
3. Disable Root SSH Login
Root login through SSH is a major security risk.
Edit the SSH configuration file:
sudo nano /etc/ssh/sshd_config
Find:
PermitRootLogin yes
Change it to:
PermitRootLogin no
Restart SSH:
sudo systemctl restart ssh
4. Change the Default SSH Port
Changing the default SSH port helps reduce automated brute-force attacks.
Inside the SSH config file:
Port 2222
Restart SSH:
sudo systemctl restart ssh
Remember to allow the new port in your firewall.
5. Configure UFW Firewall
Ubuntu comes with UFW (Uncomplicated Firewall).
Allow required services:
sudo ufw allow 2222/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
Enable the firewall:
sudo ufw enable
Check status:
sudo ufw status
6. Install Fail2Ban
Fail2Ban blocks repeated failed login attempts automatically.
Install it:
sudo apt install fail2ban -y
Enable and start the service:
sudo systemctl enable fail2ban
sudo systemctl start fail2ban
Check status:
sudo fail2ban-client status
7. Use SSH Key Authentication
SSH keys are much safer than passwords.
Generate SSH keys on your local machine:
ssh-keygen
Copy the public key to the server:
ssh-copy-id user@server-ip
Then disable password authentication:
PasswordAuthentication no
Restart SSH afterward.
8. Secure Docker Containers
If you use Docker in production:
- Avoid running containers as root
- Keep images updated
- Use trusted images only
- Limit exposed ports
- Scan images for vulnerabilities
Update Docker regularly:
sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io
9. Enable Automatic Security Updates
Install unattended upgrades:
sudo apt install unattended-upgrades -y
Enable automatic security updates:
sudo dpkg-reconfigure unattended-upgrades
10. Monitor Logs and System Activity
Regular monitoring helps detect suspicious activity early.
Useful commands:
sudo journalctl -xe
sudo tail -f /var/log/auth.log
You can also use tools like:
- Prometheus
- Grafana
- Netdata
- Uptime Kuma
11. Backup Your Server
Always maintain secure backups.
Recommended practices:
- Daily automated backups
- Offsite storage
- Database dumps
- Backup verification
Tools:
- rsync
- BorgBackup
- Restic
- Rclone
Final Thoughts
Server security is not a one-time setup. Itโs an ongoing process that requires continuous monitoring, updates, and optimization.
A properly secured Ubuntu server reduces risks, improves reliability, and helps maintain stable production environments.
If youโre managing Linux servers in production, implementing these security practices is essential.
linux #ubuntu #security #devops
Top comments (0)