VPSArmor.com: a VPS security boilerplate self-hosting community
We're sponsoring VPSArmor.com to raise the awareness on the topic of security for self-hosters.
More indie hackers and teams are moving to VPS hosting, using various providers like OVHCloud and Hetzner. That's great! Self-hosting should be accessible, and you shouldn't need to navigate layers of managed services to run your own infrastructure.
The problem: if you're new to VPS administration, it's easy to make security mistakes. Exposing databases, leaving default ports open, skipping automatic updates—these are common first-time errors that can bite you quickly.
We're sponsoring VPSArmor.com, a free, one-command security hardening script for Ubuntu LTS and Debian Stable servers. It handles the baseline: system updates, unattended-upgrades, fail2ban for SSH protection, and UFW firewall configuration.
The script is short, readable, and follows a KISS philosophy: no complexity, just the essentials. As you know we are trying to move away from the merchants of complexity, as theorized by DHH.
This is a boilerplate, a solid starting point for anyone spinning up a fresh VPS. The code is open source, and we're supporting it because the self-hosting community deserves better security defaults.
If you're running your SaaS services on your VPS, proper server hardening is part of the foundation that makes everything, including DMARC and other email security measures effective. You don't want an open relay because you messed up your SMTP's server configuration!
You can find the project at vpsarmor.com or check the source on GitHub, or even better, star the repo!