Hosting & Infrastructure

Infrastructure you can rely on.

Self-hosted on DigitalOcean VPS. No shared hosting, no platform lock-in, no mystery. Every site is configured, monitored, and maintained by hand.

Capabilities

VPS Hosting

DigitalOcean Droplets

Sites run on managed Droplets — dedicated virtual machines with predictable performance. Sized appropriately for load, with room to scale.

Web server

nginx

nginx handles all HTTP traffic. Configured with HTTP/2, gzip compression, correct cache headers, and security headers (HSTS, CSP, X-Frame-Options).

TLS

Let's Encrypt

Every site is HTTPS by default. Certificates are provisioned with Certbot and auto-renewed via cron. Renewal failures trigger an alert before expiry.

Monitoring

Uptime & alerting

External uptime checks run continuously. Any downtime triggers an immediate alert. Response times and status codes are logged.

Backups

Daily automated snapshots

Server state and database dumps are backed up daily. Backups are stored off-site and tested periodically.

Security

Hardened configuration

SSH key-only access, UFW firewall, automatic unattended upgrades, and fail2ban for intrusion prevention. Minimal attack surface by design.

DNS

Domain & DNS management

Domain registration, DNS records, and propagation handled as part of the service. TTLs tuned for fast failover when needed.

Maintainability

Long-term thinking

Static exports mean fewer moving parts. Infrastructure is documented, version-controlled with Ansible where appropriate, and built to outlast trends.

Infrastructure stack
DigitalOceanVPS provider
Ubuntu LTSServer OS
nginxWeb server & reverse proxy
Let's EncryptTLS certificates
CertbotCertificate management
UFWFirewall
fail2banIntrusion prevention
rsyncDeployment
cronScheduled tasks & backups
AnsibleInfrastructure as code (where needed)
DockerApplication containers (where needed)
Philosophy

Why self-hosted?

Managed platforms are convenient until they are not. Pricing changes, features disappear, and you end up beholden to decisions made for someone else’s business model.

A well-configured VPS gives you a stable foundation you control. nginx is fast, reliable, and boring in the best possible way — it does exactly what you configure it to do and nothing else.

Self-hosted infrastructure also means the full stack is transparent. If something goes wrong, there is no support ticket queue — I can diagnose and fix it directly.

What this means for you

Predictable costs

Server costs are fixed and transparent. No per-seat pricing, no bandwidth surprises.

No lock-in

Your site is a folder of files. It can be moved to any server, any provider, at any time.

Long-term stability

Static exports and a lean stack mean your site will still build and deploy in five years.

Example nginx configuration
nginx.conf (abridged)
server {
    listen 443 ssl http2;
    server_name example.com;

    ssl_certificate     /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;
    ssl_ciphers         ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;

    add_header Strict-Transport-Security "max-age=63072000" always;
    add_header X-Frame-Options           SAMEORIGIN;
    add_header X-Content-Type-Options    nosniff;
    add_header Referrer-Policy           strict-origin-when-cross-origin;

    root  /var/www/example/out;
    index index.html;

    location ~* \.(js|css|woff2|ico|svg|png|webp|avif)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }

    location / {
        try_files $uri $uri/ $uri.html =404;
    }

    error_page 404 /404.html;
}
Get hosted

Need hosting for a new or existing site?

I host and maintain client sites alongside building them. Get in touch to discuss what you need.

Get in touchView services