I’m sure this has been asked a thousand times but I can’t find any questions/answers by searching… Anyway - I’m looking to set up a rails site, discourse forum and image server here on DO, (or heroku - but I just don’t want to pay the crazy money they would want), but I have zero experience with devops.
Am I likely to be able to setup a server (with ssl) and keep it secure easily? Or am I as well to bite the bullet and pay for someone else to keep me secure (Heroku). I suppose I’m looking for anyone’s feedback who has setup a server and is keeping it secure despite a lack of devops knowledge. I’ve been looking for an outsource for a managed DO server but it doesn’t look like anyone is offering this as a service at a sensible price that I can find (feel free to suggest anyone that does).
Any answers/guidance gratefully received,
Johnny
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Accepted Answer
When it comes to managing a server, we have a few guides to cover the basics, though security is a very broad subject matter. Much like software, security is ever-changing and you would need to keep up with any updates/upgrades to the OS as well as the software you run.
It’s not impossible to run a server with limited experience. Even the most experienced sysadmins had to start somewhere :-).
This guide is one we normally recommend for initial server setup. It’s geared towards Ubuntu 16.04, though the overall details apply to most any OS (CentOS, Fedora, Debian, etc).
Initial Server Setup with Ubuntu 16.04
Other initial server setup guides can be found here.
…
When it comes to security, properly setting up a firewall is always a good idea and with our newest service, Cloud Firewalls (which are free of charge), setting up and managing a firewall is pretty easy.
1). An Introduction to Cloud Firewalls
2). How to Create Your First DigitalOcean Cloud Firewall
3). How to Troubleshoot DigitalOcean Cloud Firewalls
4). How to Organize DigitalOcean Cloud Firewalls
Beyond initial setup and using a firewall, application security is equally as important. Unfortunately, we don’t have specific guides that cover security for rails or discourse in general (at least not yet), though general security applies there. Use secure passwords (I always recommend 16-32 characters, and 64 when you can) and SSL.
How To Secure Nginx with Let’s Encrypt on Ubuntu 16.04
…
When it comes to fully managed service, as in server + application, the cost can be quite high as your normally paying someone to be available at any given time. I know when I take on sysadmin jobs, the average cost is anywhere from $50-$100/hour.
For a managed service, in most cases, managed only means the OS and core software and overall security – it doesn’t generally apply to the application level. Before paying for managed services, I’d make sure that managed actually means what you believe it does so you’re not left hanging in the event something does happen :-).
I can’t really comment on Heroku as I’ve not really used them (but I love their design!), though from what I can tell, they provide a general managed environment for the software and OS, but not specifically the application itself (unless they’ve changed that around).
This comment has been deleted
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.