Initial Server Setup Guide for Ubuntu 22.04

Properly setting up your server lays the foundation for everything that follows, from software installation to configuration tweaks.

It’s a critical first step that ensures smooth operation and optimal performance.

So, let’s begin the initial server setup process for Ubuntu 22.04, ensuring we start on the right foot.

Preparation

To make the most of this guide, ensure you have a server running Ubuntu. If you don’t have one, consider getting a free VPS server to follow along.

Following along on your own server will enhance your understanding and practical experience.

Step 1: Updating the Server

After connecting to your VPS server, you may encounter a message indicating that there are packages, including security patches, available for updating.

Using outdated software may exposes your server to security vulnerabilities.

Therefore, the first step in securing and maintaining your server’s health is to update your server’s packages and download any available security patches.

Begin by updating the package list on your server with the following command:

apt update

This command prompts the server to scan the server’s packages and identify those requiring updates, including security patches.

Once this is done, run the following command to update your server’s packages that need updating:

apt upgrade

The server may ask for confirmation by displaying a prompt that requires a yes or no response. Make sure to type yes.

The updating process may take a while, depending on the number of updates needed.

Note: While some people reboot the server immediately after updating, I prefer doing this at the end of the server setup process to ensure all changes take effect.

Regularly updating your server is not just recommended – it’s essential. Updates provide critical security patches, performance improvements, and software bug fixes.

Neglecting updates can leave your server vulnerable to attacks.

Also, remember to enable automatic security updates to keep your server secure.

Step 2: Adding a Non-Root User

The root user has total control over the entire server. It is very easy to make mistakes when running commands using root, as you can accidentally break your server.

It’s safer to use a non-root user, requiring the sudo prefix for administrative commands and a password prompt.

This slight difference in permission levels makes sure you proceed carefully, as trying to execute commands without the sudo prefix will result in error messages.

To create a new user, simply use the command:

adduser username

The server will ask for a password and some optional details. If you’re in a hurry, just hit ENTER.

Now, we need to grant this user root privileges by making them part of the sudo group:

usermod -aG sudo username

To check that the new user is good to go, log out with the logout command and connect back to your server with the new user.

Try running the apt update command. It should not work directly, as you need to run the command like this: sudo apt update and then enter your password.

Step 3: Changing Server Hostname

Setting a meaningful hostname for your servers is like giving them a name tag – it makes them easily recognizable and more user-friendly.

This comes in handy when you want to double-check that you’re working on the right server, reducing the chances of accidentally messing with the wrong one.

But, there are two main reasons why setting a hostname is important:

  • Some programs need the hostname to work correctly. Properly configuring a server’s hostname is essential for certain network services to function as they should.
  • If a server’s hostname can’t be resolved to an IP address, it can cause communication and networking issues. This may result in timeouts, connection errors, and other unexpected behavior.

To change the hostname, use the following command:

hostnamectl set-hostname yourservername.yourdomain.com

Typically, a hostname has two parts: the server name and the domain name.

For instance, if you’re naming your server myserver and your domain is example.com, your hostname would be myserver.example.com.

Note: Make sure to add an A record for your hostname.

Step 4: Changing Timezone

Setting the timezone for your server is important because it ensures that the server’s clock matches the correct time in your specific location.

If the server’s timezone is not set right, it can cause problems like wrong timestamps on log files, scheduling issues with tasks (cronjobs), and other issues that depend on accurate time information.

Use the following command to list the available timezones:

timedatectl list-timezones

This will show you a long list of timezones to choose from.

Once you’ve picked the right one, type the following command to set it:

timedatectl set-timezone yourtimezone

Your server is now in sync with the correct timezone.

Step 5: Setting Up a Firewall

Setting up a firewall for a new server is crucial. A firewall helps control the traffic going in and out of the server, making sure only authorized entities can access specific ports.

It is like having a smart bouncer for your Ubuntu server – it filters who gets in and who goes out, ensuring only the right guests are welcomed.

We’ll use the Uncomplicated Firewall (UFW) to set up a firewall.

UFW is a user-friendly utility crafted to streamline the configuration and administration of firewall rules, particularly iptables rules.

On Debian-based distributions, like Ubuntu, it often comes pre-packaged. You can check and install it using:

apt install ufw

Many server providers configure the UFW firewall during the server deployment process to allow only SSH connections, enabling you to connect to the server.

You can check the status of UFW and your current ruleset using this command:

ufw status

The output of the command will either indicate that UFW is inactive, which is fine, or that it is active with your current rule set.

UFW comes with a default policy that blocks all incoming traffic while allowing all outgoing traffic. This implies that no one can reach our server, but our server can communicate with the outside world.

Since there is no issue with our server reaching the outside world, there is no need to make any changes to that aspect.

However, since UFW blocks all incoming traffic by default, we should only open the necessary ports and permit traffic through them.

SSH connections use port 22, and we want to ensure that our firewall allows traffic on this port so that we can access our server again.

Allow SSH connections by using the following command:

ufw allow 22/tcp

Now enable the firewall by using this command:

ufw enable

Type y and press ENTER to proceed.

If you check the current status of UFW, you will see that it is active, and there is now only one rule allowing traffic on port 22, which we just added.

Output
Status: active

To                        Action      From
--                        ------      ----
22/tcp                    ALLOW       Anywhere                  
22/tcp (v6)               ALLOW       Anywhere (v6)

The firewall is currently blocking all traffic except for SSH.

If you install and configure additional services, you will need to adjust the firewall settings to permit traffic to your server for the new services.

For instance, if you install a web server like NGINX or Apache, you should allow traffic on ports 80 (HTTP) and 443 (HTTPS).

Step 6: Rebooting

Now, let’s give the server a little reboot to make sure everything takes effect. Use the following command to reboot it:

sudo reboot

What To Do Next

Now, it’s time to take the security of your server up a notch.

I’ve put together a comprehensive guide on server hardening, covering essential steps for better security.

Make sure to check it out!

Conclusion and Final Thoughts

Great job on setting up your Ubuntu server!

I hope this guide has been super helpful for you.

If you found value in this guide or have any questions or feedback, please don’t hesitate to share your thoughts in the comments section below. Your input is greatly appreciated, and you can also contact me directly if you prefer.

Newsletter

I'm excited to share my knowledge and experience! Subscribe to my newsletter for the latest updates. πŸ‘‡

Leave a Reply

Your email address will not be published. Required fields are marked *