Initial Server Setup for Ubuntu 22.04 LTS

Table of Contents

Setting up a new Ubuntu 22.04 LTS server? Follow this detailed guide to configure your server for enhanced security, manageability, and performance.

Why Configure Your Ubuntu 22.04 LTS Server?

Setting up your server immediately after installation ensures:

Improved security with firewall and SSH settings.
Streamlined management with user accounts and privileges.
A strong foundation for software and service installation.

Step 1: Logging in as Root

After setting up your Ubuntu 22.04 server, your first task is logging in as the root user.

Logging in via SSH

You’ll need:

The public IP address of your server.
The root password or an SSH private key.

Use the following command to log in:

ssh root@your_server_ip

Accept the authenticity warning if prompted.
Provide the root password or the SSH key’s passphrase.

If this is your first login, you may be required to change the root password. Once logged in, proceed to set up a regular user account.

Step 2: Creating a New User

Create a new user with limited privileges for everyday tasks. Replace username with your desired username:

adduser username

You’ll be prompted to:

Enter a strong password.
Optionally, provide additional user information (you can press ENTER to skip).

Step 3: Granting Administrative Privileges

To allow your new user to perform administrative tasks, grant them sudo privileges.

Add User to the Sudo Group

Run the following command as root:

usermod -aG sudo username

This enables the new user to execute commands with administrative privileges by using sudo. For example:

sudo apt update

Step 4: Setting Up a Basic Firewall

Ubuntu 22.04 includes UFW (Uncomplicated Firewall), a simple yet powerful tool to secure your server by controlling incoming traffic.

Enable UFW and Allow SSH

Start by allowing SSH connections to avoid locking yourself out:

ufw allow OpenSSH

Enable the Firewall

Activate UFW with the following command:

ufw enable

Confirm the firewall is active and SSH is allowed:

ufw status

Output:

Status: active
To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere

Step 5: Configuring SSH Access for Your New User

Before logging out of the root account, ensure your new user can log in via SSH.

Option A: Password Authentication

If the root account uses a password, you can SSH into the new user account:

ssh username@your_server_ip

Enter the password for your new user to log in.

Option B: SSH Key Authentication

If the root account uses SSH keys, copy the .ssh directory from the root account to your new user’s home directory:

rsync --archive --chown=username:username ~/.ssh /home/username

Now, test the login:

ssh username@your_server_ip

Step 6: Optimizing the Server for Production

Once your server is set up, consider implementing the following optimizations:

Update and Upgrade the System
Keep your server updated to ensure security and stability:
```
sudo apt update && sudo apt upgrade -y
```
Set Up SSH Key Authentication
Follow this guide to improve security by using key-based authentication.
Install Common Tools
Add frequently used tools like Git, Vim, and Curl:
```
sudo apt install git vim curl -y
```

Step 7: Additional Security Enhancements

Disable Root Login
To prevent unauthorized access, disable root login over SSH:
```
sudo nano /etc/ssh/sshd_config
```
- Locate PermitRootLogin and change its value to no.
- Save the file and restart the SSH service:
```
sudo systemctl restart ssh
```
Configure Fail2Ban
Install and configure Fail2Ban to protect against brute-force attacks:
```
sudo apt install fail2ban -y
```

how to setup ubuntu server for web hosting

Setting up an Ubuntu Server for web hosting involves installing and configuring a web server (like Apache or Nginx), setting up a database server (like MySQL or PostgreSQL), and configuring security settings. Here’s a step-by-step guide for setting up a basic Ubuntu server for web hosting:

Prerequisites:

A Ubuntu Server instance (e.g., on a VM or dedicated server).
A root or sudo user with admin privileges.
A domain name (optional for hosting).

Step 1: Update the System

Before starting, ensure your system is up-to-date.

sudo apt update && sudo apt upgrade -y

Step 2: Install Apache Web Server

Apache is one of the most common web servers. You can install it with the following command:

sudo apt install apache2 -y

After installation, the Apache service should start automatically. You can verify it’s running:

sudo systemctl status apache2

You can check if Apache is working by visiting your server’s IP address in a web browser (e.g., http://<your_server_ip>). You should see the default Apache landing page.

Step 3: Install PHP (Optional, if you need dynamic content)

PHP is commonly used for running dynamic websites (e.g., WordPress, Laravel, etc.). Install PHP along with required modules:

sudo apt install php libapache2-mod-php php-mysql -y

After installing PHP, you can verify the installation by creating a info.php file in the web root:

echo "<?php phpinfo(); ?>" | sudo tee /var/www/html/info.php

Visit http://<your_server_ip>/info.php in a browser. You should see a PHP info page displaying details about your PHP installation.

Step 4: Install MySQL (Database Server)

If you need a database server, MySQL is commonly used for web hosting.

sudo apt install mysql-server -y

After installation, secure MySQL by running the following command to set a root password and remove insecure settings:

sudo mysql_secure_installation

You can check if MySQL is running with:

sudo systemctl status mysql

Step 5: Configure Apache for Web Hosting

Create a directory for your website files:

sudo mkdir /var/www/html/mywebsite

Change the ownership of the directory so Apache can serve your files:

sudo chown -R $USER:$USER /var/www/html/mywebsite

Create a sample index.html file for your website:

echo "<html><body><h1>Welcome to My Website</h1></body></html>" | sudo tee /var/www/html/mywebsite/index.html

Now, create a virtual host configuration file for your website:

sudo nano /etc/apache2/sites-available/mywebsite.conf

Add the following configuration:

<VirtualHost *:80>
    ServerAdmin [email protected]
    ServerName mywebsite.com
    DocumentRoot /var/www/html/mywebsite
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Enable the new site configuration:

sudo a2ensite mywebsite.conf

Disable the default Apache site (optional):

sudo a2dissite 000-default.conf

Reload Apache to apply the changes:

sudo systemctl reload apache2

Step 6: Install SSL (Optional for HTTPS)

It’s important to secure your website with SSL. You can use Let’s Encrypt to get a free SSL certificate.

Install Certbot:

sudo apt install certbot python3-certbot-apache -y

Obtain and install the SSL certificate:

sudo certbot --apache

Follow the prompts to configure SSL for your website.
After completion, your site should be accessible over HTTPS.

Step 7: Configure Firewall

Ensure your server’s firewall allows HTTP and HTTPS traffic. If you’re using UFW (Uncomplicated Firewall), allow these services:

sudo ufw allow 'Apache Full'

Check the status:

sudo ufw status

Step 8: Upload Your Website Files

If you have existing website files, upload them to /var/www/html/mywebsite/.

You can use SFTP, FTP, or simply copy files directly via scp.

Step 9: Test the Website

Finally, test your website by visiting your server’s IP address or domain name in a browser (e.g., http://mywebsite.com or http://<your_server_ip>).

Step 10: Optional: Install PHPMyAdmin (for managing MySQL)

If you want a web interface to manage your MySQL databases, install PHPMyAdmin:

sudo apt install phpmyadmin -y

During installation, select Apache2 as the web server and choose dbconfig-common to configure the database.
Access PHPMyAdmin by visiting http://<your_server_ip>/phpmyadmin.

FAQs

Why should I create a new user?

Using the root account regularly increases the risk of accidental or malicious changes. A regular user with sudo privileges provides a safer alternative.

What is UFW?

UFW is Ubuntu’s built-in firewall, designed to simplify managing incoming and outgoing traffic.

How do I set up SSH keys?

Check our detailed SSH Key Setup Guide for Ubuntu 22.04 for step-by-step instructions.

Conclusion

By completing this initial server setup for Ubuntu 22.04 LTS, you’ve laid a secure and efficient foundation for your server. Whether you’re setting up a web server, database server, or other applications, you’re now ready to proceed confidently.

Looking for more tips? Explore Ubuntu 22.04 tutorials to maximize your server’s potential!

How to install Ubuntu on VirtualBox?