There are ways to make that irrelevant. I use a cheap vps and just have it funnel raw traffic for the ports I need to my home server via wireguard. All my SSL certs live on my machine and the VPS can’t see any of the traffic contents. I suppose they could redirect traffic elsewhere or start serving whatever on that domain, but I would know immediately and there are some limits to my paranoia.
There are ways to make that irrelevant. I use a cheap vps and just have it funnel raw traffic for the ports I need to my home server via wireguard. All my SSL certs live on my machine and the VPS can’t see any of the traffic contents. I suppose they could redirect traffic elsewhere or start serving whatever on that domain, but I would know immediately and there are some limits to my paranoia.