Got a new Ubuntu VPS? That’s great. You can now start using it and experience all the advantages of a Linux VPS. If you moved from shared hosting to a VPS, even better, you can now directly compare your experience with shared hosting and VPS hosting. This guide will help you get started with your Ubuntu 16.04 VPS.
This guide is targeted towards beginners, although other intermediate users can still use it and find useful tips and tricks for their server. We’ve included instructions and linked to our tutorials for each step you need to take, but they still may vary depending on your setup. If you don’t know what you are doing and just want to use a server, get a Managed VPS from us and leave the server work to us. We’ll set up, configure and secure your server for free.
Connect to your VPS
This may seem obvious, but before you can do anything, you must connect to your VPS. There are different ways of logging into your VPS, depending on which OS you use. You can check our post and follow the instructions for your OS, be it Windows, Mac, or Linux.
Update your server
First thing you always need to do – update your server. You can update your Ubuntu VPS with the following command:
apt-get update && apt-get upgrade -y
This command will update all your system’s packages to their latest version. You should regularly update your VPS. You can set a reminder to do it, or you can set up automatic updates.
Secure your server
Don’t start doing anything until you properly configure and secure your server. We can’t stress properly enough. If you’re a beginner and don’t know much about Ubuntu servers or security, get a Managed Ubuntu VPS from us and our expert Linux admins will properly secure your server.
Two-Factor Authentication essentially means you’ll need a code that’s sent to your phone in order to log in to your VPS. You can follow our tutorial and set up 2FA on your Ubuntu 16.04 VPS. Enabling 2FA will prevent other unauthorized users from logging into your server.
Use SSH keys
Another way of securing your server by preventing unwanted access is to use SSH keys. This will prevent anyone from logging into your server without a unique combination of a private and public key, which you must add to your server.
Use a strong password
Everywhere. Not just your server. Use a strong password in the client area, use a strong password in your CMS, use a strong password in your database. You can generate a password from the command line too. It is recommended that you use different passwords for each login/service.
The combination of a strong password along with SSH keys and 2FA ensures maximum security when it comes to unauthorized access to your VPS.
Change the default SSH port
The default SSH port is 22, so you should change it as that’s the most common port that gets attacked. Although it’s relatively easy to “sniff out” the port your server is using, you should still not use the default one as it can prevent some attacks. It will only take a few minutes and it may save you days worth of work from the attacks you’ll receive if you continue using the default port.
Set up a firewall
One of the security tweaks you can do on your server is to set up a firewall. There are several ways of doing it – a couple of them are using iptables and using UFW. Follow the appropriate tutorial and configure your firewall. Make sure to closely follow the tutorial, because you can block yourself out of your server or misconfigure the firewall and block all traffic to your websites. Make sure you know what you’re doing, or, again, get a Managed VPS and let professionals do it for you.
You can also use fail2ban to prevent brute-force attacks on your SSH, HTTP, FTP, SMTP etc.
Using a LEMP (Linux, Nginx, MySQL, PHP) stack? Follow our tutorial on securing your whole LEMP stack.
Use an SSL certificate for your websites
You should always use SSL (https) on your websites. Having an SSL certificate on your website is even considered a ranking factor by Google, so you’ll improve your search engine visibility, as well as your security. By using SSL, you’ll also increase your user’s trust factor.
Don’t forget to redirect all traffic from HTTP to HTTPS after you install your SSL.
Backup your server
It’s always smart, recommended, and essential to have backups. You never know when and what could go wrong, and a backup will really come in handy if something does go wrong. If you get a VPS from us, you’ll have an automatic, full backup of your VPS on a weekly basis, for free! Sure, you can manually copy all your files and data each time you want to do a backup, but it gets really repetitive and it will take up a lot of your time. If you don’t have automatic backups, make sure to manually backup your server before doing any changes on the server or the apps running on your server.
Set up monitoring
You’ll want to monitor your server and know whether or not it’s up and running. You can use an app like Icinga. You can also use our free server monitoring service and stay updated on your server’s uptime. This is where a 24/7 support team can come in handy. Misconfigured your server at 3 AM and now your website’s down? No problem. Our EPIC 24/7 Support team is online and ready to help.
Use a control panel (optional)
Even though you’re using a Linux VPS, which by default is only managed by the command line interface, you can still use a control panel like cPanel or DirectAdmin and manage your VPS via a GUI. There are also some open source alternatives. However, if you can and know how to manage your server without a control panel, it’s recommended not to use one, as it will just cause unnecessary load on your server.
Set up a mail server
Be careful, though! Setting up a self-hosted mail server is a long and difficult process which requires constant monitoring and frequent configuring. We have dozens of tutorials on how to set up a mail server. If you need a mail server and don’t really know how to set it up, get a VPS from us and we’ll set up a mail server for you, for free. You can set up a mail server using Mail-in-a-Box which is (relatively) easy. You can also manually set up and configure a mail server using PostfixAdmin. After all, you get full root access (full control) to your Managed VPS from RoseHosting.com, so you are free to install almost any software you want.
Install an (S)FTP server
You most likely need an FTP server. It’s recommended to use secure FTP (SFTP). You can install VSFTPD, which is free and open source, and relatively easy to set up. Don’t forget to use a strong password for the FTP users.
Install applications you need
Install any self-hosted application that you plan on using. There are hundreds of options. Each application requires a different set of services and has different prerequisites, so find a tutorial for the specific app you want to use. You can check our VPS Hosting Stacks for a small portion of the apps and services we support. All our hosting plans are fully managed with free 24/7 support, so we will install, configure and optimize any application on your server, for free.
Explore and have fun!
There are many things that you can do on your Ubuntu VPS. You can follow us on social media and check our #RoseTips, which are fun and useful tips and tricks for your Linux server. We also have a post on our blog for some quick tips and tricks.
We also have some other recommended resources that you can use. Check the other resources on our blog for more information and tutorials.