Ubuntu Blog Series (Part 4): Securing Your Ubuntu Server — Best Practices for Beginners

Welcome to Part 4 of our Ubuntu Blog Series. So far, we’ve introduced Ubuntu, installed it on a VPS, and learned essential commands. But before you start deploying apps or hosting websites, there’s one step you can’t skip: security.

An unsecured server is an open door to attackers. Fortunately, a few simple practices can dramatically improve your Ubuntu VPS security. Let’s walk through them.

1. Create a Non-Root User

By default, you log in as root. The root account is powerful but risky: one wrong command can break everything. Create a safer user for everyday work:

adduser yourusername
usermod -aG sudo yourusername

Now you can log in with your new user for daily tasks.

2. Use SSH Keys Instead of Passwords

Passwords can be guessed. SSH keys are far more secure.

On your local machine:

ssh-keygen -t rsa -b 4096

Copy it to your server:

ssh-copy-id yourusername@your-vps-ip

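From now on, you log in securely with your key instead of typing a password. Keep in mind that copying a key does not switch off password logins on the server; they stay available until password authentication is disabled in the SSH configuration.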

3. Enable a Firewall (UFW)

Ubuntu includes Uncomplicated Firewall (UFW). Turn it on to control incoming traffic:

sudo ufw allow OpenSSH
sudo ufw enable
sudo ufw status

This ensures only necessary services (like SSH or web servers) are accessible.

4. Keep Software Updated

Updates patch vulnerabilities. Make it a habit to run:

sudo apt update && sudo apt upgrade -y

For automated updates:

sudo apt install unattended-upgrades

5. Disable Root Login

Once you’ve set up a user with sudo access, disable root login in the SSH config:

sudo nano /etc/ssh/sshd_config

Find:

PermitRootLogin yes

Change it to:

PermitRootLogin no

Then restart SSH:

sudo systemctl restart ssh
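
A check for step 5, as an added example that is not part of the original post: sshd applies the first value it reads for each keyword, so changing the line to `PermitRootLogin no` has no effect if an earlier line or an included drop-in file already set it. The script resolves `Include` lines in a constructed config (the temp directory and the `50-example.conf` name are made up for the demo) and reports the value that wins.

```shell
#!/bin/sh
# Added example. sshd uses the FIRST value it reads for each keyword, and
# Include globs are expanded in lexical order, so a drop-in can override an
# edit made lower down in sshd_config. Match blocks are not handled here.

# Print FILE with every Include line replaced by the files it names.
flatten_sshd_config() (
    while IFS= read -r line || [ -n "$line" ]; do
        set -f; set -- $line; set +f        # split into words, no globbing yet
        case "$1" in
            [Ii][Nn][Cc][Ll][Uu][Dd][Ee])
                shift
                for pattern in "$@"; do
                    for f in $pattern; do   # glob expands in lexical order
                        if [ -f "$f" ]; then flatten_sshd_config "$f"; fi
                    done
                done ;;
            *) printf '%s\n' "$line" ;;
        esac
    done < "$1"
)

# Print the first (effective) global value of KEYWORD in FILE, lowercased.
effective_sshd_option() {
    flatten_sshd_config "$1" | awk -v key="$2" '
        /^[ \t]*(#|$)/ { next }                       # skip comments and blanks
        { sub(/^[ \t]+/, ""); split($0, w, /[ \t=]+/) }
        !found && tolower(w[1]) == tolower(key) { value = tolower(w[2]); found = 1 }
        END { if (found) print value }
    '
}

# Constructed sample: the main file says "no", a drop-in read earlier says "yes".
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
mkdir "$demo_dir/sshd_config.d"
printf 'PermitRootLogin yes\n' > "$demo_dir/sshd_config.d/50-example.conf"
cat > "$demo_dir/sshd_config" <<EOF
# constructed sample, not a real server file
Include $demo_dir/sshd_config.d/*.conf
PasswordAuthentication no
PermitRootLogin no
EOF

echo "PermitRootLogin: $(effective_sshd_option "$demo_dir/sshd_config" PermitRootLogin)"
```

On a live server, `sudo sshd -t` checks the file for syntax errors before you restart SSH, and `sudo sshd -T` prints the settings sshd will actually use.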

6. Monitor Activity

Install monitoring tools to keep an eye on what’s happening:

  • Fail2Ban → Blocks IPs after repeated failed login attempts.

sudo apt install fail2ban

  • htop → View processes and resource usage in real time.

  • logwatch → Analyze logs and email reports.

7. Backups Are Security Too

Even the best-secured system can fail. Always have automated backups of your critical files and databases. With Raff, you can schedule snapshots of your VPS for peace of mind.

Security doesn’t have to be complicated. With a few steps (creating a non-root user, using SSH keys, enabling UFW, and keeping everything updated), you dramatically reduce risks.

In Part 5 of our Ubuntu Blog Series, we’ll explore Advanced Ubuntu for Developers and Teams—covering Docker, cron jobs, and performance monitoring.

Secure your server today, and you’ll thank yourself tomorrow.