Posted in: Q&A

How does this compare to a managed service like cloudways in terms of security and firewall?

Written by admin_foo

Hi!

I am planning on creating a self hosted server with vultr high frequency and openlightspeed with cyberpanel.
I will run everything through cloudflare which should offer some extra protection.

Now I am wondering in terms of security risks and firewall set up.How does this compare to a managed service like cloudways in terms of security and firewall?
Am I sacrificing a lot of security for self hosting or are there ways to implement them myself?I appreciate any advice or shared experience on this matter.

Answers:

Cyberpanel comes with firewall. It’s simple but works quite well.Choose a Vultr HF location that has dDos protection

Cloudways is not managed… anything.
How does what you’re describing compare to that: very well.
How does ANY of that compare to actual managed hosting: not good.
If you want something close to CW, you can get there via free OS hosting panels.
If you want to get close to MANY “managed” solutions, you can find a way through.
There is no silver bullet for creating something that ACTUALLY checks all these boxes for zero dollars.

 

There’s server firewall and cloud firewall.
CyberPanel comes with ModSec and CSF (one of my favorites). For extra WAF, you can use a plugin or Cloudflare one.Cloudways comes with pre-configured one that’s probably app-specific for WordPress. Out of the box, I’d probably bet on Cloudways one being better and less hassle for you.
But in real world use, both are good enough. Sure, to have something even better….you can learn more or pay more. You choose.

 

What I’ve done is close all non SSL ports, setup CP to be accessible via hostname only and keep all plugins and themes up to date… Also I use CF DNS zone… I find ModSec to often be more trouble than help, unless you configure them yourself… On server level I have Fail2Ban…

 

Since you will be managing the server, it will be as secure as you can make it.
On that note, consider using DirectAdmin or cPanel / Plesk.
Control panel is the centerpiece of your server. CyberPanel isn’t production ready yet. It needs to iron out its security issues and bugs before using it on a production system.

If you’re going to use Cloudflare, I’d recommend Origin SSL with Authenticated Origin Pulls setup. This would prevent bypassing Cloudflare.
https://support.cloudflare.com/hc/en-us/articles/204899617

Are you on Cloudflare Pro or Business? If not, Cloudflare provides very little security in Cloudflare Free price plan.