← Back to Blog

Ubuntu Server Hardening Guide 2026

Ubuntu is one of the most widely used Linux server platforms. Proper hardening significantly reduces the attack surface and helps protect against brute-force attacks, privilege escalation, malware, and unauthorized access.

1. Keep Ubuntu Updated

sudo apt update
sudo apt upgrade -y
sudo apt autoremove -y

2. Create a Non-Root Administrator

sudo adduser adminuser
sudo usermod -aG sudo adminuser

3. Secure SSH Access

Edit:
sudo nano /etc/ssh/sshd_config
Recommended settings:
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
MaxAuthTries 3
ClientAliveInterval 300
Restart SSH:
sudo systemctl restart ssh

4. Configure SSH Key Authentication

Generate key:
ssh-keygen -t ed25519
Copy key:
ssh-copy-id user@server-ip
Benefits:

5. Enable UFW Firewall

Example:
sudo ufw default deny incoming
sudo ufw default allow outgoing

sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

sudo ufw enable
Verify:
sudo ufw status verbose

6. Install Fail2Ban

Install:
sudo apt install fail2ban -y
Verify:
sudo fail2ban-client status sshd
Benefits:

7. Enable Automatic Security Updates

Install:
sudo apt install unattended-upgrades -y
Enable:
sudo dpkg-reconfigure unattended-upgrades

8. Disable Unused Services

Check services:
sudo ss -tulpn
Disable unnecessary services:
sudo systemctl disable service-name
sudo systemctl stop service-name

9. Monitor Open Ports

Check listening ports:
sudo ss -tulpn
Only expose:

10. Enable Audit Logging

Install:
sudo apt install auditd -y
Check:
sudo systemctl status auditd
Benefits:

11. Protect Docker Deployments

Review:
docker ps
docker images
docker network ls
Best practices:

12. Configure Log Monitoring

Useful logs:
/var/log/auth.log
/var/log/syslog
/var/log/nginx/access.log
/var/log/nginx/error.log
Monitor:

13. Secure Web Servers

Enable:

14. Malware Detection

Install:
sudo apt install clamav clamav-daemon -y
Run scan:
sudo clamscan -r /

15. Backup Strategy

Recommended:

Security Checklist

✓ SSH Hardened
✓ Root Login Disabled
✓ UFW Enabled
✓ Fail2Ban Enabled
✓ Automatic Updates Enabled
✓ Audit Logging Enabled
✓ Backups Configured
✓ Docker Hardened
✓ HTTPS Enabled
✓ Security Monitoring Active

Conclusion

Ubuntu hardening is an ongoing process rather than a one-time activity. Combining strong access controls, firewall protection, monitoring, patch management, and backup strategies creates a secure and resilient Linux server environment.


Author: Nageshwar Rao
Network Security Engineer | Cyber Security Consultant