I've got a handful of different projects running at the moment: some PHP applications along with a couple of WordPress instances, all of which are currently hosted with a web hosting company. The contract period is about to end, and I would be lying if I didn't say that I had really considered switching to a VPS server in the cloud, with the prices getting so good. I'm totally in love with the idea of being able to turn the performance up or down when demand increases or disappears, and thereby cut the costs.
With my background as a PHP developer, with only a little hint of Linux (Ubuntu) knowledge, I'm quite worried about the security if I were to run my own VPS.
Sure, I can install and get things running with my current knowledge (and some help from Google), but is it realistic nowadays to expect that my server (LAMP, really) will stay secure with out-of-the-box stuff and keeping it up to date?
I wouldn't. We did exactly the same thing since the unmanaged VPSs are sooo cheap, but unless you need to install programs or libraries that aren't part of standard shared host configurations, in my opinion, as a pure developer too, the time spent isn't worth it.
Unless, of course, it's your own small blog or you want to experiment.
But imagine you (or whichever automation you use) update PHP, and for some reason it fails (or worse, you render your current installation useless): are you good enough to handle this? And if so, how long will it take? Do you have a friend at hand who can help?
We, as a small business, are getting rid of our VPSs step by step and moving to our reseller package, hosted at a good hosting provider.
Good question, though.
Maintaining your server is just one more thing to worry about, and if you're a developer, your focus should probably be on development. That said, it has to make sense financially to go the managed route. If you're just working on toy projects (I've got a $20/month VPS that I use for my own projects and home page, and it's pretty hands-off) or if you're just getting off the ground, VPSes have the advantage of being cheap and giving you lots of control of your environment. You can also mitigate some of the risk by keeping aggressive backups, since it's not hard to redeploy a server quickly.
But if you get to the point where it won't affect your profitability to do so, you should probably consider getting someone else to take care of infrastructure for you, either by buying managed hosting services or hiring someone to do it for you. Everything depends on what you can afford to lose if you get rooted and how much time you can afford to spend on server management and recovery instead of coding.
Rather than give you advice about what you should do, or tell you what I would do, I'm just going to address your question: "is it realistic nowadays to expect that my server (LAMP, really) will stay secure with out-of-the-box stuff and keeping it up to date?" The answer to this, in my opinion, is basically yes.
dietbuddha is right, of course: what constitutes an acceptable level of security depends on the context, but for all but the most security-sensitive purposes, if you're using a current (i.e. supported) distro, with sane defaults, and keeping up with the security updates, then you should be fine.
I have two VPSs, both of which currently run Ubuntu 10.04 server. On one of them, I spent some time installing and setting up tiger, tripwire, and taking a number of other security measures. On the other, I simply installed fail2ban and set security updates to automatic, and left it at that. They've been running for a couple of years now, and I've had no problem with either.
For security, I've successfully used Amazon EC2 for several things. It isn't the cheapest around, but it is quite comprehensive in terms of shared data stores between instances, connection to S3, running servers at different hosting centers, grouping servers in various groups, and so on.
There is a firewall built in, where you can turn everything off except, say, TCP traffic on port 22 for SSH and 80 for web. That, combined with something like Ubuntu, where you can easily run updates without worrying much about breakage, is probably all you need from a security perspective.
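
The firewall policy from the last answer (everything closed except TCP 22 and 80), as an added example that is not part of the original posts: a check over security-group ingress rules that reports anything reachable from the whole internet beyond those two ports. The rule dictionaries follow the IpPermissions shape of EC2's DescribeSecurityGroups response; the function name `audit_ingress` and the sample rules are constructed for illustration.

```python
import ipaddress

# Policy from the answer above: only TCP 22 (SSH) and TCP 80 (web) are open.
ALLOWED = {("tcp", 22), ("tcp", 80)}

def audit_ingress(permissions, allowed=ALLOWED):
    """Return (cidr, protocol, detail) for world-open rules beyond `allowed`.

    audit_ingress is a hypothetical helper; `permissions` uses the
    IpPermissions shape from EC2's DescribeSecurityGroups response.
    """
    findings = []
    for perm in permissions:
        proto = perm.get("IpProtocol")
        sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in sources:
            # Only rules reachable from the whole internet are in scope.
            if ipaddress.ip_network(cidr, strict=False).prefixlen != 0:
                continue
            if proto not in ("tcp", "udp"):
                # Covers "-1" (all protocols, all ports), ICMP, etc.
                findings.append((cidr, proto, "protocol outside policy"))
                continue
            lo, hi = perm["FromPort"], perm["ToPort"]
            # A range such as 0-65535 includes 22 and 80 but much more.
            extra = [p for p in range(lo, hi + 1) if (proto, p) not in allowed]
            if extra:
                detail = f"{len(extra)} port(s) outside policy, first {extra[0]}"
                findings.append((cidr, proto, detail))
    return findings

# Constructed sample rules (not taken from any real account).
SAMPLE = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},  # restricted source: skipped
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]

if __name__ == "__main__":
    for finding in audit_ingress(SAMPLE):
        print(finding)
```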