One of the key aspects to security on Linux systems is the regular updates the community makes to the distribution and packages. A lot of those updates are meant to improve security and fix potential vulnerabilities. For this reason, it’s important to keep your system up to date, especially on a publicly available server. But doing it manually would be a time consuming process, it would involve regularly login into your server and running updates. Instead, it’s much easier to configure a tool that will do it automatically for you. In this article we’ll learn how to enable automatic security updates on Ubuntu, using unattended-upgrades.
The main tool to set up the firewall on Ubuntu is iptables. It is powerful, but very complicated to learn. Fortunately, there is an alternative called UFW (for Uncomplicated FireWall), that is described by Ubuntu as “a frontend for iptables”. Basically, UFW lets you set rules for your firewall in a much easier way that iptables does. Let’s learn how to set some basic rules using UFW!
In this series of tutorials we’ll take a look at basic server security, and in this first article we’ll learn how to improve SSH security. Any machine connected to the Internet immediately becomes a potential target to any kind of attack (hackers, automatic bots, …). Security is somewhat less of a concern for regular Web hosting (shared hosting or managed hosting for example), as most of it is managed by your hosting provider. Servers that you fully manage, however, come with absolutely no security out of the box. This is the case for most dedicated servers, VPS (Virtual Private Servers) and Cloud platforms (AWS, Google Cloud, …).