Introduction
Deploying applications to the cloud has become easier thanks to various platform-as-a-service options, but they aren't always ideal for every use case. Serverless platforms can be expensive and less suitable for long-running tasks or large data transfers. In contrast, virtual private servers (VPS) offer consistent billing and more control. However, many developers hesitate to use VPS for production due to the perceived complexity of setup. This guide breaks down how to set up a production-ready VPS from scratch, ensuring security, performance, and ease of deployment.
Why Choose a VPS?
Unlike serverless platforms, VPS provides predictable monthly costs and less risk of unexpected price spikes when transferring large data. With more resources and flexibility, a VPS is a cost-effective solution for projects requiring consistent uptime and control over the server environment. The challenge lies in configuring the VPS correctly to be reliable, secure, and maintainable for production workloads.
Defining 'Production Ready'
Before starting the setup process, it’s important to understand what qualifies a VPS as production ready. Key requirements include:
- DNS records pointing to the server
- Application running reliably on the VPS
- Strong security practices with TLS for encrypted communication
- SSH hardening to prevent unauthorized access
- Firewall setup to restrict unnecessary ports
- High availability via load balancing across multiple app instances
- Automated deployments for continuous updates
- Monitoring and alerting to detect downtime
Choosing the Right VPS Provider and Instance
Several VPS providers offer affordable and scalable plans. For this setup, a VPS instance with at least 2 vCPUs and 8GB of RAM is recommended for smooth performance. An example is Hostinger's VPS offering at a competitive price with sufficient bandwidth. This allows you to handle moderate traffic and run multiple containers or services comfortably.
Initial VPS Setup
Start with a base operating system installation; Ubuntu 22.04 LTS is a reliable and widely supported choice. Avoid pre-configured panels or environments if you want full control. After deploying the VPS, create a secure root password and add your SSH public key to enable secure access. Avoid logging in as root and instead create a new user with sudo privileges for management tasks.
Configuring DNS
Purchase a domain and point its DNS A record to your VPS IP address for convenient access. DNS propagation may take a few hours, so be patient during this step.
Securing the VPS
Focus on securing SSH access by disabling password-based authentication, ensuring only key-based logins are allowed. Modify SSH settings to prevent root login and disable PAM authentication. Setting up a firewall is essential — use uncomplicated firewall (ufw) to only allow ports for SSH (22), HTTP (80), and HTTPS (443).
Deploying Your Web Application
Rather than compiling your app directly on the VPS, use Docker for containerization. Docker containers encapsulate your app dependencies and environment, simplifying deployment and updates. Install Docker and Docker Compose to manage multi-container applications.
Configure your web app, database, and reverse proxy services using Docker Compose. Use Docker secrets for sensitive information like database passwords.
Reverse Proxy and Load Balancer Setup
Set up a reverse proxy to expose your web app on standard HTTP/HTTPS ports. Traefik is an excellent lightweight option that automates routing, load balancing, and TLS certificate management. By scaling your application instances and leveraging Traefik’s load balancing, you improve availability and user experience even on a single VPS node.
Enabling TLS for Secure Communication
Traefik integrates seamlessly with Let's Encrypt to automatically provision and renew SSL/TLS certificates, ensuring encrypted HTTPS traffic to your application. Enable HTTP to HTTPS redirection to force secure connections.
Automating Deployments
To achieve continuous delivery, deploy Watchtower, a container that monitors your Docker images for updates and orchestrates rolling restarts of services. This setup ensures your VPS always runs the latest application version with minimal downtime.
Monitoring and Alerts
To maintain reliability, use uptime monitoring services like Uptime Robot, which periodically checks your website's availability and sends notifications if downtime occurs. This monitoring is crucial for timely response to any production issues.
Conclusion
Setting up a production-ready VPS is more accessible than many developers expect. By carefully configuring DNS, security, containerized deployment, reverse proxy, automated updates, and monitoring, you can run reliable and scalable web applications without expensive overhead. Tools like Docker, Traefik, and Watchtower simplify operations while maintaining professional standards. With a modest investment in a VPS, you gain control, cost predictability, and growth potential for your projects.
