First off I want to thank Steven Giesel for the engine this blog is running on. Factoring out the issues I encountered with hosting, this blog engine is very easy to setup and is "plug and play". If you are interested in Blazor, Dotnet, or C# and are wanting to start a blog I would highly recommend it.
This is the second time writing this blog post, and this version will not be as detailed as I lost/forgot the specifics of the problems. The issues I faced were due to my lack of experience and not due to anything in the blog engine.
Goals
- Establish a personal blog
- Learn more about docker
- Learn Linux server hosting and hardening
Spec shortfalls
I went with the cheapest VPS on the provider I already had an account on, and this was my first mistake. It worked fine at first but I ran into a few blockers due to the lower specs:
- Builds of the project were taking 5-10 minutes which made setup iterations and debugging annoying.
- With only 512MB of ram I was maxing it out quickly, so I setup a swap space which alleviated my RAM issues. This wasn't a long term solution as I only had 10GB of storage.
There are probably ways to make this setup work, I caved in and bought a few tiers up. A more powerful VPS solved these issues.
Losing access
I managed to lock myself out of my VPS at least twice in the hardening process. My hosting provider had a convenient recovery access panel that I was able to get in and undo any mistakes or further configure the server. My advice would to be find a similar solution or have one in place before attempting anything that locks down your server.
- I changed the default port for ssh for example, which stopped me from being able to user the hosting provider's ssh console to connect. The recovery console and a local terminal still worked.
- Setting up and locking down the firewall also left me in a similar situation. My active login/connection worked but new logins did not and i had to fix it before logging out on the active user or I would have issues.
My general suggestion would be tread carefully, research, and test before looking yourself out. Backups could also be a way to revert to working behavior.
Successes
The blog engine itself was easy to use and could be put into production immediately (with some features and functionality just requiring minor config values). The database automatically gets created, there are scheduled jobs out of the box, and guides on how to setup the 3rd party connections.
Besides the minimal hosting cost of this site, everything was free. The blog has a MIT License and is open to any custom changes you want to implement.