Setting up a Virtual Private Server (VPS) using Linux can seem intimidating at first, but it’s a straightforward process when broken into clear, manageable steps. A VPS is a robust tool that provides reliable resources within a shared hosting environment, offering greater control, flexibility, and implementation compared to traditional shared hosting.
Whether you’re hosting a website, running applications, or managing a development environment, this manual will walk you through the necessary steps to set up your VPS efficiently and effectively using Linux. If you need a Windows VPS, you can use the services available at: https://serverspace.com.br/services/vps-server/windows/.
Essential first steps for VPS configuration
Once you deploy a VPS, it’s time to configure it. Here are the essential first steps to follow if you are using Linux:
1. Create a new user and grant permissions
By default, VPS instances often come with a root user. Since root gives unrestricted access to the system, using it directly can be risky.
Instead, make a new user with limited privileges. Here’s how:
In SSH client, input these commands:
- adduser newuser
- usermod -aG sudo newuser
Replace new user with your desired username.
2. Set up SSH key authentication
SSH key authentication is more secure than password-based logins, as it uses cryptographic keys to verify your identity. To set this up on a Linux-based VPS, run the following commands:
ssh-keygen -t rsa -b 4096 (generate an SSH key pair on your local machine)
ssh-copy-id newuser@your-server-ip (copy the public key to the server)
sudo nano /etc/ssh/sshd_config (opens the configuration file)
In the nano text editor, locate the line for ‘PasswordAuthentication’ and change it to ‘no’:
PasswordAuthentication no
To save the file in nano:
- Press CTRL+O to write the changes
- Press Enter to confirm
- Press CTRL+X to exit the editor
Restart SSH service:
- sudo systemctl restart ssh
Note: Make sure you’ve saved the file before restarting.

3. Configure the Firewall
A firewall helps restrict unauthorized access to your server. Configuration depends on your Linux distribution:
For Ubuntu/Debian (UFW):
- sudo apt install ufw -y
- sudo ufw allow OpenSSH
- sudo ufw allow 80/tcp
- sudo ufw allow 443/tcp
- sudo ufw enable
For AlmaLinux/RHEL (firewalld):
- sudo yum install firewalld -y
- sudo systemctl start firewalld
- sudo systemctl enable firewalld
- sudo firewall-cmd –permanent –add-service=ssh
- sudo firewall-cmd –permanent –add-service=http
- sudo firewall-cmd –permanent –add-service=https
- sudo firewall-cmd –reload
4. Set up Fail2Ban
Fail2Ban helps prevent brute-force attacks by blocking repeated login failures. To implement, run these commands:
- sudo apt install fail2ban -y (for installing fail2ban on Debian/Ubuntu
- sudo yum install fail2ban -y (for installing fail2ban on AlmaLinux/RHEL)
- sudo systemctl enable fail2ban (enables the fail2ban service)
- sudo systemctl start fail2ban (start the fail2ban service)
- sudo nano /etc/fail2ban/jail.local (configure Fail2Ban rules)
To help you, here are example settings for Fail2ban:
- [sshd]
- enabled = true
- maxretry = 5
- findtime = 600
- bantime = 3600
sudo systemctl restart fail2ban (save and restart Fail2Ban)
5. Configure automatic security updates
Keeping your system updated is crucial for security. Enable automatic updates:
For Debian/Ubuntu systems:
- sudo apt install unattended-upgrades -y
- sudo dpkg-reconfigure unattended-upgrades
For AlmaLinux/RHEL systems:
- sudo yum install dnf-automatic -y
- sudo systemctl enable dnf-automatic.timer
- sudo systemctl start dnf-automatic.timer
Conclusion
Configuring server security is a crucial step to protect your data and ensure stable performance. However, please note that the steps outlined above are a general guide to help you understand the key aspects of the process. Your configuration may vary depending on the operating system, hosting provider, or other factors. Be sure to consult the documentation provided by your provider and, if necessary, contact their support team for more specific recommendations tailored to your situation.