How to install a Minecraft server on Ubuntu 24.04 LTS with DDoS protection

Before you start

This guide covers Minecraft Java Edition server installation on a Minecraft VPS or Minecraft dedicated server. You’ll need:

• A Minecraft VPS running Ubuntu 24.04 LTS with at least 2GB RAM (4GB+ recommended for multiple players), or a Minecraft dedicated server for larger communities
• SSH access with root or sudo privileges
• Basic familiarity with the Linux command line

Minecraft servers are memory-hungry. For a smooth experience:

• 2GB RAM - 1-5 players, small world
• 4GB RAM - 5-15 players, moderate exploration
• 8GB+ RAM - 15+ players, large worlds, plugins/mods

Step 1: Update your system

Start with a fresh, updated system:

sudo apt update && sudo apt upgrade -y

Step 2: Install Java

Minecraft Java Edition requires Java. Install the OpenJDK 21 package:

sudo apt install -y openjdk-21-jre-headless

Verify the installation:

java -version

You should see output showing OpenJDK 21.

Step 3: Create a Minecraft user

For security, run the Minecraft server under its own user account:

sudo useradd -r -m -d /opt/minecraft minecraft

This creates a system user with a home directory at /opt/minecraft.

Step 4: Download the Minecraft server

Switch to the minecraft user and download the server:

sudo -u minecraft -s
cd /opt/minecraft

Download the latest Minecraft server JAR. Check minecraft.net/download/server for the current version URL:

wget https://piston-data.mojang.com/v1/objects/\
45810d238246d90e811d896f87b14695b7fb6839/server.jar

Note: The URL above is an example. Get the current download link from Minecraft’s official site.

Step 5: Accept the EULA

Minecraft requires you to accept their End User License Agreement. Create the file:

echo "eula=true" > eula.txt

By doing this, you confirm you’ve read and accept Minecraft’s EULA.

Step 6: Configure server properties

Create a basic configuration file:

cat << 'EOF' > server.properties
# Minecraft server properties
server-port=25565
gamemode=survival
difficulty=normal
max-players=20
view-distance=10
motd=A Minecraft Server
enable-command-block=false
spawn-protection=16
online-mode=true
EOF

Key settings to consider:

• server-port - Default is 25565
• max-players - Adjust based on your VPS resources
• view-distance - Lower values (8-10) reduce RAM usage
• online-mode - Keep true to verify player accounts with Mojang

Step 7: Create a startup script

Create a script to launch the server with optimized settings:

cat << 'EOF' > start.sh
#!/bin/bash
java -Xms1G -Xmx2G \
  -XX:+UseG1GC \
  -XX:+ParallelRefProcEnabled \
  -XX:MaxGCPauseMillis=200 \
  -jar server.jar nogui
EOF

chmod +x start.sh

Adjust the memory settings:

• -Xms1G - Initial memory allocation
• -Xmx2G - Maximum memory allocation

Set -Xmx to about 75% of your VPS RAM to leave room for the OS.

Exit the minecraft user shell:

exit

Step 8: Create a systemd service

Create a service file so the server starts automatically:

sudo nano /etc/systemd/system/minecraft.service

Add:

[Unit]
Description=Minecraft Server
After=network.target

[Service]
User=minecraft
WorkingDirectory=/opt/minecraft
ExecStart=/opt/minecraft/start.sh
Restart=on-failure
RestartSec=10

[Install]
WantedBy=multi-user.target

Enable and start the service:

sudo systemctl daemon-reload
sudo systemctl enable minecraft
sudo systemctl start minecraft

Step 9: Configure your firewall

In your ServerPoint’s Client Portal, configure firewall rules:

• Port 25565 (TCP) - Open this for Minecraft traffic. You can limit it to specific IP addresses if you only want certain players to connect.
• Port 22 (SSH) - Block in Global firewall, open only when you need access or to your IP.

Keep all other ports closed.

DDoS protection included

Minecraft servers are frequent targets for DDoS attacks. Players get frustrated, rival servers try to knock you offline, and random attackers probe for vulnerabilities.

Good news: all ServerPoint VPS and dedicated servers include DDoS protection at no extra cost.

Our DDoS mitigation provides:

• Up to 5 terabits per second of scrubbing capacity
• Third-party DDoS scrubbing service with global presence
• Always-on protection - no need to enable it manually
• Automatic detection of attack traffic

When an attack hits your server, malicious traffic is filtered out before it reaches your VPS. Legitimate player connections continue uninterrupted.

You don’t need to configure anything. The protection is already active on your VPS or dedicated server.

Step 10: Test your server

Check if the server is running:

sudo systemctl status minecraft

View the server logs:

sudo journalctl -u minecraft -f

Connect to your server from Minecraft using your VPS IP address and port 25565.

Useful commands

Attach to the server console

To run commands on the server, you can use screen or modify the service. For a quick test:

sudo systemctl stop minecraft
sudo -u minecraft -s
cd /opt/minecraft
./start.sh

Then type commands like op yourname to make yourself an operator.

Restart the server

sudo systemctl restart minecraft

Stop the server

sudo systemctl stop minecraft

View logs

tail -f /opt/minecraft/logs/latest.log

Performance tips

• Reduce view-distance - Set to 8-10 for better performance
• Pre-generate the world - Use plugins like Chunky to pre-generate chunks
• Use Paper instead of Vanilla - PaperMC is an optimized fork with better performance
• Monitor RAM usage - If you see lag, increase -Xmx or upgrade your VPS

Backups

Don’t forget to back up your world! The world data is in /opt/minecraft/world/.

Create a simple backup script:

sudo -u minecraft bash -c \
  'tar -czf ~/backups/world-$(date +%Y%m%d).tar.gz \
  -C /opt/minecraft world'

Consider adding our VPS backup service for automated backups.

Use ServerPoint’s Cloud Firewall via ServerPoint’s Client Portal

Beyond DDoS protection, use ServerPoint’s Cloud Firewall to control who can access your server. You’ll find it in ServerPoint’s Client Portal under the Firewall section for your VPS.

• Whitelist specific IPs - Only allow known players to connect
• Block regions - Reduce attack surface by blocking countries you don’t expect players from
• Close SSH when not needed - Block port 22 globally and only open it when you need to manage the server

ServerPoint’s Cloud Firewall filters traffic at the network level, before it reaches your VPS. This is more secure than software firewalls like ufw because malicious traffic never touches your server.

---

Explore our VPS plans to find the right amount of RAM for your Minecraft server.