Login Get Started
Hostxpeed
Login Get Started →
Getting Started

How to Set Up Automatic Security Updates

6 min read
25 views
Jun 10, 2026

Prerequisites

Before setting up automatic updates, make sure you have:

  • SSH access to your VPS with root or sudo privileges
  • Your server IP address and password

💡 Automatic security updates ensure your server stays protected against known vulnerabilities without manual intervention.

Method 1: Ubuntu/Debian (unattended-upgrades)

Step 1: Connect to Your VPS

ssh hxroot@YOUR_SERVER_IP -p 22

Step 2: Install unattended-upgrades

apt update
apt install unattended-upgrades -y

Step 3: Configure Automatic Updates

dpkg-reconfigure --priority=low unattended-upgrades

Select Yes when prompted.

Step 4: Review Configuration (Optional)

nano /etc/apt/apt.conf.d/50unattended-upgrades

Key settings to check:

Unattended-Upgrade::Allowed-Origins {
    "${distro_id}:${distro_codename}-security";
    // "${distro_id}:${distro_codename}-updates";
    // "${distro_id}:${distro_codename}-proposed";
    // "${distro_id}:${distro_codename}-backports";
};

Uncomment the security line (it should be active by default).

Step 5: Enable Automatic Reboot (Optional)

If you want the server to reboot automatically when needed:

nano /etc/apt/apt.conf.d/50unattended-upgrades

Uncomment and set:

Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "03:00";

Step 6: Check Status

systemctl status unattended-upgrades

Step 7: Test Configuration

unattended-upgrades --dry-run

Method 2: CentOS/Rocky/AlmaLinux (dnf-automatic)

Step 1: Install dnf-automatic

dnf install dnf-automatic -y

Step 2: Configure Automatic Updates

nano /etc/dnf/automatic.conf

Set these values:

[commands]
upgrade_type = security
random_sleep = 0

[email]
email_from = root@example.com
email_to = admin@example.com
email_host = localhost

[install]
apply_updates = yes

[system_reboot]
reboot = yes
reboot_messages = yes

Step 3: Enable and Start Service

systemctl enable --now dnf-automatic.timer

Step 4: Check Timer Status

systemctl list-timers | grep dnf-automatic

Method 3: Configure Email Alerts (Ubuntu/Debian)

To receive email when updates are installed:

apt install mailutils -y

Edit unattended-upgrades config:

nano /etc/apt/apt.conf.d/50unattended-upgrades

Add or uncomment:

Unattended-Upgrade::Mail "admin@example.com";
Unattended-Upgrade::MailReport "only-on-error";

View Automatic Update Logs

cat /var/log/unattended-upgrades/unattended-upgrades.log
cat /var/log/unattended-upgrades/unattended-upgrades-dpkg.log

Manually Run Unattended-Upgrades

unattended-upgrades -v

Disable Automatic Updates

If you prefer manual control:

systemctl stop unattended-upgrades
systemctl disable unattended-upgrades

Or remove the package:

apt remove unattended-upgrades -y

Check What Updates Are Available

apt list --upgradable

Best Practices

  • Keep security updates enabled
  • Test major version updates on staging server first
  • Review logs weekly to ensure updates are applying
  • Set up monitoring to alert if auto-updates fail
  • For production servers, consider rebooting during low-traffic hours

✅ Automatic security updates have been configured. Your Hostxpeed VPS will now install security patches automatically.

Was this article helpful?