Setting up an Ubuntu server from scratch

1. Update existing packages

apt-get update && apt-get upgrade
apt autoremove && apt clean

2. Secure SSH

> sudo nano /etc/ssh/ssd_config
Port 29
PermitRootLogin prohibit-password
PubkeyAuthentication yes

3. Enable UWF

> sudo nano /etc/default/ufw
IPV6=yes

Then run:

sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw allow 29
sudo ufw enable
sudo ufw status numbered

4. Enable SWAP

Check what is enabled:

sudo swapon --show
free -h

Create SWAP:

sudo fallocate -l 2G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
ls -lh /swapfile

Make changes permanent:

sudo cp /etc/fstab /etc/fstab.bak
echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab

> sudo nano /etc/sysctl.conf
vm.swappiness=10
vm.vfs_cache_pressure=50

Check again:

cat /proc/sys/vm/swappiness
cat /proc/sys/vm/vfs_cache_pressure

5. Set correct timezone

dpkg-reconfigure tzdata