Tahapan Awal Setelah Punya VPS

Dea Afrizal

16 May 202418:49

Summary

TLDRThis tutorial walks viewers through the essential steps of securing a newly set-up VPS server. The video covers important tasks such as changing SSH port to enhance security, creating new user accounts to prevent root access, and configuring firewall rules to control server traffic. The tutorial also explains basic server maintenance, like updating the system and adding new software packages. The guide is tailored for users with Ubuntu 20.04, ensuring they follow along seamlessly for optimal security and server setup. Aimed at beginners and intermediate users, this video helps them build a solid foundation for their VPS server management.

Takeaways

😀 Make sure to start by setting up your VPS with the correct Ubuntu version (preferably Ubuntu 20.04) for consistency and smoother configuration.
😀 Always perform an APT update and upgrade as the first steps after logging into your VPS to ensure the server is up-to-date.
😀 Change the default SSH port (22) to a custom port, like 2221, to enhance security and make it harder for attackers to guess the port.
😀 To change the SSH port, edit the SSH config file (/etc/ssh/sshd_config), update the 'Port' directive, and restart the SSH service.
😀 When accessing your server after changing the SSH port, make sure to specify the new port number using the '-p' option in the SSH command.
😀 Create a new user (instead of using root) to improve security, and set up a password for that user.
😀 After creating a new user, add them to the 'sudo' group to grant them administrative privileges for running system-level commands.
😀 To prevent root access via SSH, modify the SSH config file to disable root login by setting 'PermitRootLogin' to 'no'.
😀 Set up a firewall using UFW (Uncomplicated Firewall) to manage which ports are accessible on your server, allowing only necessary services.
😀 When configuring the firewall, always allow the necessary ports (e.g., SSH, HTTP) and then enable the firewall to restrict unwanted traffic.

Q & A

What is the first step after acquiring your own VPS server according to the transcript?
-The first step is to secure the server by creating a user account and setting up a firewall to prevent unwanted access.
Why does the speaker recommend using Ubuntu 20 for this tutorial?
-The speaker found that Ubuntu 20 provides a more familiar environment for their server setup compared to newer versions like Ubuntu 24, which had different configurations and caused some confusion.
What is the purpose of changing the default SSH port from 22?
-Changing the default SSH port is a basic security measure to make it harder for unauthorized users to guess the port and gain access.
How can you change the SSH port in Ubuntu?
-You can change the SSH port by editing the '/etc/ssh/sshd_config' file, commenting out the existing port line, and adding a new line with your desired port number.
What command should you use to restart the SSH service after making changes?
-You should use the command 'systemctl restart sshd' to restart the SSH service and apply the changes.
What does the speaker suggest to do after creating a new user account?
-The speaker suggests granting the new user account sudo privileges so that it can perform administrative tasks without logging in as the root user.
What command is used to add a user to the sudo group?
-The command used is 'usermod -aG sudo username', replacing 'username' with the name of the user you want to grant sudo access to.
Why is it important to disable root login via SSH?
-Disabling root login via SSH adds an extra layer of security, as it requires users to authenticate through a standard user account first.
What is the function of the UFW firewall mentioned in the transcript?
-The UFW firewall is used to control incoming and outgoing traffic to the server by allowing or denying access to specific ports.
How can you check the status of UFW and see which ports are allowed?
-You can check the status of UFW and see the allowed ports by running the command 'ufw status'.