[codelust]

It has been quite easy for a few years now to put together your own setup on a VPS and run with it. IIRC, I started doing this somewhere around 2008, during the heydays of Slicehost. What has changed is that you now get pretty good and reliable VPS providers for cheap and in some ways it has kind of become a cool thing to do for everyone.

I would, though, add a few words of caution here.

1. It is one thing to put together a VPS to run a bunch of sites. It is another to handle major traffic on it. Some of you have done it, some of you will learn with time how to do it, but a large number won't. If it is critical for your site to be up 24/7 and Google is going to be your best friend in trying to understand which part of the stack is creating the bottleneck, you'll be in for some real trouble.

2. Do you know how to check for rootkits? Would you know if your server has been backdoored? These days attack vectors are so complex that even experienced hands (the main reason why I don't do this on my own anymore) have trouble saying for sure they are fully locked down. Wordpress on a public static IP represents one of the juiciest targets on the web for hackers and a big chunk of the phishing sites are hosted on servers with unpatched Wordpress installations or plugins/themes that have backdoors in them. Most of the site owners have no clue they've been owned till the hosting company takes them down. Please don't wind up being one of those site owners.

If you are going to do this own your own, at least get something like Wordfence installed, so that you have some degree of protection in place.

I run most of my sites these days on Webfaction. I believe they run Cloudlinux these days, which means you get pretty consistent performance from the server, even in the shared hosting environment. The sites with greater resource requirements are moved to Wiredtree, who provide beefier, managed VPS services at reasonable rates as long as you are OK with cPanel and don't veer too much from their standard stack.

Disclosure: I have no business links with Webfaction or Wiredtree.

[luxpir]

This is definitely cause for anxiety, and a learning curve in itself.

At my end I try to keep things patched, check the listening ports and run Tripwire, rkhunter etc.

Cheers for the Wordfence tip, I'll take a look.