For some months now, I’ve been trying to set up an Mbin instance, since as it’s more manual than the other softwares I found, and I understand things better if I can see the logic behind them. I’d rather do that before going for automated processes where if something breaks, I don’t know how to handle. However, trying to figure things out as I go, it’s so much stuff that I figured out instead what I knew was very little.
As I was also interested in hosting other sites, this made me reevaluate things, and turns out several things I don’t know, like how to host two sites in a same machine, how to handle horizontal attacks, what some tools are used for, etc.
So going back to the title, what to study? Maybe some specific book? Private classes/courses? Online tutorials? Something else? Just no university suggestion, please - from experience, they are extremely shallow at best.
Thanks in advance!
In addition to just making a site available, you also need to learn how to make it secure. Anything published to the Internet will be under constant attack from bots. You need to not only secure the server itself, but also isolate it from the rest of your network in case it does get compromised.
That’s what I meant about horizontal attacks. Iirc that was the term used in the explanation that convinced me to consider a VPS. 😅
…though I still want stuff locally, so studying this type of network security is still in my roadmap.
A good hands-on approach with less risk is to rent a managed vps or shared webhost for a short period, and explore how they have it set up, and what you can do with it. See if you can get ssh access.
Don’t deploy anything serious, just Hello World sandbox stuff. Go watch the logs to see just how nmany bots are looking for wordpress sites, etc. Use the softaculous installer, if available, to quickly mess with different app deployment.
Look at the zone editor to see how domains are configured, though shared hosting will be odd sett and limited by the hosting company. See the antispam and security settings. Look at how they set up email accounts, and mess with the database editor(s).
At each step, have a browser window open with reference docs. If you are learning linux terminal commands, I strongly suggest upgrading from basic man reference material and using the tl;dr webapp.
edit: note that renting a shared webhost will probably be better with a small hosting company running cpanel as big companies like godaddy (friends don’t let friends use godaddy) use proprietary site management software that obscures just how shitty their setup is.
I would strongly suggest Pangolin for that use case. It combines a reverse proxy with a VPN tunnel between your local network and your VPS. You can host your services on your local machine, and serve them from the VPS. Pangolin also sets up your letsencrypt certs for https.
It also provides a security layer: if enabled for a site, you have to be logged in to Pangolin before Pangolin will proxy traffic to your site.