Table of Contents
Automating server updates on Ubuntu Server 24.04 helps keep security patches installed without requiring manual maintenance every day. This is especially useful for production VPS servers that need regular security updates and stable uptime.
Most administrators enable automatic security updates on a Linux VPS server to reduce exposure to known vulnerabilities while keeping full control over major system upgrades.
Step 1: Connect to the Ubuntu Server
Access the server using SSH:
ssh root@your_server_ipStep 2: Update Package Information
Refresh the package index before installing update tools:
apt updateUpgrade currently installed packages if needed:
apt upgrade -yStep 3: Install unattended-upgrades
Install the package used for automatic updates:
apt install unattended-upgrades -yOn many Ubuntu Server installations, this package may already be installed by default.
Step 4: Enable Automatic Updates
Run the configuration command:
dpkg-reconfigure -plow unattended-upgradesWhen prompted, select:
YesThis enables automatic package updates using the unattended-upgrades service.
Step 5: Verify the Auto-Update Configuration
Open the automatic update configuration file:
nano /etc/apt/apt.conf.d/20auto-upgradesMake sure it contains:
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";The value 1 means Ubuntu checks for updates and applies unattended upgrades daily.
Step 6: Configure Security Updates Only
Open the unattended-upgrades configuration file:
nano /etc/apt/apt.conf.d/50unattended-upgradesFor most VPS servers, keeping automatic updates limited to security updates is safer than installing every available package update automatically.
Check that the allowed origins include the security repository:
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}-security";
};This keeps the automatic update process focused on security patches.
Step 7: Enable Automatic Reboot If Needed
Some updates, such as kernel updates, may require a reboot. To allow automatic reboot after required updates, add or update this line:
Unattended-Upgrade::Automatic-Reboot "true";To schedule the reboot time, use:
Unattended-Upgrade::Automatic-Reboot-Time "03:00";Use a low-traffic time to avoid interrupting active users or running applications.
Step 8: Remove Unused Dependencies Automatically
To clean unused packages after updates, enable automatic removal:
Unattended-Upgrade::Remove-Unused-Dependencies "true";This helps keep the server cleaner after package upgrades.
Step 9: Test the Configuration
Run a dry test without installing updates:
unattended-upgrade --dry-run --debugThis checks the configuration and shows what unattended-upgrades would do during an automatic run.
Step 10: Check Update Logs
View unattended-upgrades logs:
ls -lah /var/log/unattended-upgradesRead the main log file:
cat /var/log/unattended-upgrades/unattended-upgrades.logYou can also check package installation details:
cat /var/log/unattended-upgrades/unattended-upgrades-dpkg.logStep 11: Check If a Reboot Is Required
After automatic updates, check whether Ubuntu requires a reboot:
test -f /var/run/reboot-required && cat /var/run/reboot-requiredIf the file exists, restart the server during a safe maintenance window.
Step 12: Disable Automatic Updates If Needed
If you need to disable unattended upgrades later, edit:
nano /etc/apt/apt.conf.d/20auto-upgradesSet both values to 0:
APT::Periodic::Update-Package-Lists "0";
APT::Periodic::Unattended-Upgrade "0";This stops Ubuntu from automatically applying unattended package upgrades.
Automatic updates on Ubuntu Server 24.04 help keep VPS environments secure by installing important security patches regularly. For production servers, security-only updates with controlled reboot settings provide a safer balance between protection and stability.
