We have a sponsor - Sublime Hifi. They have generously sponsored a bare metal server to run our Snakeoil project (and Sublime Hifi website) for at least 1 year (and hopefully more).
The bare metal server is running Proxmox (Virtualisation hypervisor), and is fronted by a VM running pfSense (a software router). All Internet traffic will hit this pfSense server first, and from there re-directed to the appropriate servers. The pfSense server is also running Suricata which is a Intrusion Detection/Prevention System (IDS/IPS) designed to slow down hacker attacks. As seen below, hopefully this will prevent at least some spam bots for spamming our services.
Everything is now backed up automatically (thanks to Proxmox) and this should give Snakeoil a lot of flexibility when upgrading or migrating between systems. The whole system is also protected by cloudflare. It is still very much possible for hackers to get into our systems despite multi levels of security (especially now they know how everything works). But at least something is still better than nothing.
Updating the Snakeoil frontend software (b2evolution, mediawiki and mybb) can be very problematic. There were cases in the past when updating software broke parts (or the entire) the website. Running everything under Proxmox will reduce this risk.
The most important bit, of course is speed. The old Snakeoil website was hosted on a VPS (Virtual Private Server) with only 2 vCPUs, 2GB of RAM and very small disk space. We are now running on a VM (Virtual Machine) with 4 vCPUs, 8GB of RAM and lots of space!
So in summary, thanks to our sponsor, we now have:
- Better security
- Easier to migrate website to new hosts
- Easier to update website and operating system
- Better backup system
- More space!
All in all while everything took around 1-2 months to set all this up, the time saved for future roll out is now signficantly reduced.
Why do we need the speed? Well, I am working on a site that allows you to easily build your own custom kernel. This requires computing powers my current VPS lacks. This is still in the works, so watch this space!
Do remember to check out our sponsor now.