| You clearly haven't tried doing that in quite a long while. Using SSH keys + fail2ban means that for a simple static site, it will be sufficient for a decade at least. TLS certificates get auto-renewed with letsencrypt every 3 months via certbot. Installing security updates depends heavily on what is your threat model, if you're just displaying some static content you fully own, you'll be usually fine. Literally never seen a VPS being "retired", if it happened to you, change provider. I've got a bunch of VPS running for 10+ years, I never need to touch them anymore. My homelab has been going strong for the past 8 years. I did have to do some upgrade/maintenance work to go from being an old laptop without screen to a minitower low power machine, and when I added 30TB of storage. Other than that, it's running smoothly, it also uses TLS and all the rest. |