There’s a great post about securing your new linux server (ubuntu) here:
I wanted to summarize here and explain some details.
- To start, create a password for your user (root)
- Make a new user for day to day logins (production)
- Require ssh logins instead of username/password
- Remove root login
- Only allow login from specific IP (if using a static IP)
- White list only the ports you need, disable everything else
- Enable automatic updates
You should be all set! There’s of course more detail at the other page, but in general, these steps will ensure you have a decently secure system.
Now all you need to do is watch what you upload to the server!