Hosting websites on freeBSD vps guidance

[Hello]

Sorry for so many questions
Thank you for reading or answering any one of them! <3

 

[AlfredoLlaquet]

Welcome, Hello. I've read your message in full. You seem to have a very good notion of what you want to do.

I can answer part of question 1: ssh() connections are encrypted, so the data is not visible to the vps provider. There are many nuances, but they are encrypted in modern systems.

Question 2: You can encrypt whole disk partitions, which is somewhat similar to "encrypt the whole disk," because disks are divided into partitions (see https://docs.freebsd.org/en/books/handbook/disks/#disks-encrypting). However, this and many other things will depend on the type of access to the virtual server that the provider grants you.

Question 3: When installing FreeBSD you can enable several hardening options for additional security (see https://docs.freebsd.org/en/books/handbook/bsdinstall/#bsdinstall-hardening).

 

[didal]

You absolutely cannot trust a VPS because it's not your computer in your own technical rooms. Furthermore it is shared with others.

 

[drhowarddrfine]

4) Depends on how big a server you order. Not answerable but we hosted three not-static ecommerce sites on one vps with far less than 20GB.
5) Yes

9) ICANN won't be the problem as they charge far less than a dollar of your total fee. Your registrar might but namecheap increased mine from $11 to $18 over 24 years.

15) I have never used sudo or doas. I don't see the need but some find it helpful. I don't.

Many of your questions need more detail than can be answered thoroughly in this one thread. Most of them aren't FreeBSD related. You should approach them one at a time in their own question.

 

[cracauer@]

Why would you want full disk encryption on a VPS? In case somebody breaks into Amazon datacenters and runs off with your physical instance?

 

[Hello]

4) Depends on how big a server you order. Not answerable but we hosted three not-static ecommerce sites on one vps with far less than 20GB.

I wasn't asking about storage, mostly memory and cpu.

5) Yes

How?

9) ICANN won't be the problem as they charge far less than a dollar of your total fee. Your registrar might but namecheap increased mine from $11 to $18 over 24 years.

I meant as ICANN is the governing body, it might dictate some policies and rules to companies to protect us.

Most of them aren't FreeBSD related.

Yup, that's why posted in off-topic

 

[Hello]

Why would you want full disk encryption on a VPS? In case somebody breaks into Amazon datacenters and runs off with your physical instance?

I might have some personal info for example emails, calendar, notes, use it as a proxy, etc that I want to keep private, including if I decide to host a website with user data. Yes I know I can encrypt files notes, calendar, etc. And if company does violate privacy, there are good chances they share with government. And even if they respect it, they can be compromised by hackers/nation state.