diff --git a/CHANGELOG.md b/CHANGELOG.md
index 73d1ea4..366cc7c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 - APT Packages configuration step with `wo stack upgrade` to apply new configurations
 - Cloudflare restore real_ip configuration
 - WP-Rocket support with the flag `--wprocket`
+- Install unattended-upgrade and enable automated security updates
+- Enable time synchronization with ntp
 
 #### Changed
 
diff --git a/install b/install
index e565596..e1d628a 100755
--- a/install
+++ b/install
@@ -175,17 +175,21 @@ fi
 wo_install_dep() {
 
     {
-
+        export DEBIAN_FRONTEND=noninteractive
         [ -z "$wo_travis" ] && {
             # update server packages
-            DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade --option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --option=Dpkg::options::=--force-unsafe-io --assume-yes --quiet
+            apt-get dist-upgrade --option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --option=Dpkg::options::=--force-unsafe-io --assume-yes --quiet
         }
         if [ "$wo_linux_distro" == "Ubuntu" ]; then
             # install dependencies
-            DEBIAN_FRONTEND=noninteractive apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades > /dev/null 2>&1
+            apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \
+            build-essential curl gzip python3 python3-apt python3-setuptools python3-requests python3-dev sqlite3 git tar software-properties-common pigz \
+            gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1
         else
             # install dependencies
-            DEBIAN_FRONTEND=noninteractive apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-requests python3-dev ca-certificates sqlite3 git tar software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw > /dev/null 2>&1
+            apt-get -option=Dpkg::options::=--force-confmiss --option=Dpkg::options::=--force-confold --assume-yes install \
+            build-essential curl gzip dirmngr sudo python3 python3-apt python3-setuptools python3-requests python3-dev ca-certificates sqlite3 git tar \
+            software-properties-common pigz apt-transport-https gnupg2 cron ccze rsync tree haveged ufw unattended-upgrades tzdata ntp > /dev/null 2>&1
             # add php repository gpg key
             [ -d /etc/apt/trusted.gpg.d ] && { wget -qO /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg; }
             # add nginx repository gpg key
@@ -193,6 +197,13 @@ wo_install_dep() {
         fi
 
         locale-gen en
+        # enable unattended upgades
+        cp /usr/share/unattended-upgrades/20auto-upgrades /etc/apt/apt.conf.d/20auto-upgrades
+        # set default ntp pools
+        sed -e 's/^#NTP=/NTP=time.cloudflare.com 0.ubuntu.pool.ntp.org 1.ubuntu.pool.ntp.org 2.ubuntu.pool.ntp.org 3.ubuntu.pool.ntp.org/' -i /etc/systemd/timesyncd.conf
+        # enable ntp
+        timedatectl set-ntp 1
+
     } >> "$wo_install_log" 2>&1
 
 }