So, you need a Linux Sever (VPS, VM or BOX)
In my case I always use the following Linux Server distributions:
- CentOS: https://www.centos.org
- Ubuntu Server: https://www.ubuntu.com
Depending on my needs, but as iOS developer I use always the Ubuntu, so, I can install the Apple Swift, the most powerful developing language that I know, including for server side development.
Okay, this is my personal vision and opinion 🙂
Now, let’s start the setup of the Linux Ubuntu Server 18.4 LTS (Long Term Support):
First step, perform the default Ubuntu Server installation and keep the server connect to the internet, and after, do follow the next steps:
In the process you have to create a user for perform the administration process without use the root user, so create the user that will be the system administrator and keep your password protected as also the username, to avoid security issues in the future.
Note: your Ubuntu Server (VPS, VM or BOX) needs to be connect to the internet to perform the following steps.
1, Update the installation, on terminal execute the following commands:
sudo apt update
sudo apt upgrade
Nota: this is a “just in” case action.
2, Enable the ssh service, if not enabled already:
sudo apt install ssh
sudo systemctl enable sshd.service
sudo systemctl start sshd.service
OR
sudo systemctl restart sshd.service
You can check ssh config, with the following command
sudo nano /etc/ssh/sshd_config
3, Enable the firewall, this is one of the most important steps:
sudo ufw enable
Check is status, using the following command
sudo ufw status
4, Add the ssh service ports to the firewall, to allow the ssh access, if you don’t want to open the ssh access to your server don’t perform this step, you can access to the terminal using the cockpit project, that I’ll explain on the next step:
sudo ufw allow ssh
sudo ufw allow OpenSSH
Reload the firewall and check is status
sudo ufw reload
sudo ufw status
5, Install the cockpit project, this is a very cool way to manage you Server or Servers
sudo apt install cockpit
Add the cockpit port to the firewall
sudo ufw allow 9090/tcp
Reload the firewall and check is status
sudo ufw reload
sudo ufw status
Now you need to check your machine IP, and open the following url (https://machine_ip:9090/) on a machine using your favorite web browser.
6, If you open the ssh Port on your firewall, lets install fail2ban, one more important security measure. This will kick out attackers after 3(n) failed login attempts :
sudo apt install fail2ban
Enable the fail2ban service, and restart it
sudo systemctl enable fail2ban
sudo service fail2ban restart
At this point you have a default and secure Ubuntu Server installation, and ready to be what have you need or want 🙂
On the next post we’ll perform the necessary steps to setup an LAMP Server