Section 1.1: Create a Standard User Account

To enhance security, it is advisable to log in with a standard user account instead of the root account, as this mitigates the risk of unintentional or malicious actions.

To create a new user, for instance, let’s name it 'nunobispo', you can execute the following command:

adduser nunobispo

During this process, you will be prompted to set a password and provide at least a name for the user.

If you want this user to perform administrative tasks, you can add them to the sudo group, allowing them to execute commands that require elevated privileges:

usermod -aG sudo nunobispo

Section 1.2: Activate the UFW Firewall

Securing your server from external threats is crucial, especially when it is a cloud server exposed to the Internet.

The simplest method to achieve this is by enabling the built-in firewall. Before activating it, ensure you retain access to your server by allowing SSH connections:

ufw allow OpenSSH

If you plan to set up a web server or similar applications, you may also need to open ports 80 (HTTP) and 443 (HTTPS):

ufw allow http

ufw allow https

Once you’ve configured the necessary permissions, you can activate the UFW firewall with:

ufw enable

To verify that your firewall is operational and that the appropriate ports are open, you can run:

ufw status