Reflection on running my own servers

I’ve came a long way since I first started building software and running my own blog. My first website I published in early 2000, it was a subdomain of my fathers domain. I focused on my dog on this website, and made him a little HTML fan page. I also created a little internet blog using static HTML and manually linking everything. I would’ve considered myself at that point to be “high tech”. In fact, our basement hosted the home server, on a static IP address my father paid $100 every month for. Eventually, over time the price went from $100/month down to $15/month, but, nonetheless it was expensive.

In our basement, my father hosted an email server, web server and basic file server all on one machine. I can’t recall the original operating system, but eventually an old colleague of my fathers helped him become more “modern” and had him upgrade to CentOS (in about 2009). My family had our own hosted email there, everyone had an account. My father wasn’t into filtering email, but there was a trust given. He ran spamassassin to curve the mass amounts of spam, yet some still came in.

After he moved to CentOS, about a week later his server died. The machine just refused to turn on, and he decided it’s time to get a new server. He went out and bought an old desktop computer, put 8 GB of memory in it, put his old 500 GB hard drive in it, spent money on 1 TB hard drive and that was the server reborn. He kept backups of all our emails, websites, etc. and was able to recover them very easily.

Over the next few years, I made a few game servers that I hosted on my very own IBM computer, I thought it was a beast. It ran Windows XP, had 512 MB of memory and not a lot of storage. But, it was mine! I remember learning how to code more modern HTML, CSS, and PHP. I wasn’t a fan of Javascript at the time, but eventually learned it near December 2010.

For the next few years, I spent tinkering with code and hardware. I wrote a lot of applications, and they were vulnerable. I had no idea about their vulnerabilities, until one day my site was hacked and so was my fathers server. He quickly took the web server down, removed the bad binary files and put it back online, this time without my code. He told me I should look into how to make it secure, and that’s where my cyber security obsession began.

I iterated on it, working my butt off to make it secure, and asked my dad for a second chance. I gave him the code, he uploaded it again, and it was back live. You see, having my own blog and writing my own somewhat dynamic code to power it was awesome.

My father became a big Joomla fan, and even wrote some software he was going to sell with Joomla. He got a meeting with a political party candidate and pitched him the software, he loved the software but never ended up signing up for it, because his party leader just signed a massive deal with a competitor. Unfortunate, but it happens.

In 2014, my father decided it was time to stop hosting at home, we were stuck at an old slow 10/1 DSL connection, and with new technology and our family wanting to play games on platforms like Xbox, Playstation, and our computers, he retired the home server and moved it to the “cloud” – a VPS at 1and1. That was the end of the home server, but nothing really changed.

When I was 13 almost 14 my father brought home a server from his work, a 2U HP server, it had 8 GB of RAM and 4 SAS drives. His friend at work knew I loved computers and he was going to recycle this machine, so he sold it to my father for $100 cash. He placed a bet, and didn’t think I’d be able to configure the raid array for a few weeks. He underestimated me, within 45 minutes of getting it I had the RAID array configured in RAID10, had the drives wiped and was installing the new operating system. My father went to work the next day and told him, he was impressed. Impressed enough he actually gave me another server for free. I appreciate what he did, and it made me love technology even more.

These servers were loud, so loud we had to turn them off at night. They were Gen 4s. The other server was a Dell machine. They’re old, but they were incredible to me. I remember hosting a small website on them, a few applications for my father to test out and play with, and one was a backup server box. I fell in love with servers and technology in general.

Fast forward over the years, I got new computers, my servers still lived, and when I was 18 I retired the servers. They’d been with me for years, they were loud, and I wanted to upgrade them. I went out, bought myself a brand new server, it was used, and very cheap ($250). This became the first evolution of what would end up being my homelab.

I built a homelab, with hosted servers like my website, blog, a forum mainly used to write down tutorials for myself and share them with people who requested them. I was loving every second of it. My wife became pregnant, and I decided I needed to focus on new priorities, and got rid of the servers. I put my website online in the cloud at 1and1, but quickly grew to not like their provider offering.

Eventually, I settled on DigitalOcean for a few months, before moving to OVH. OVH was rock solid, and because I used an IP as a VPN, I was subject to denial of service attacks, which DigitalOcean booted me for. OVH however, it stood up to the task and I never went offline, and that’s what sold me on OVH.

In 2018 I bought two more servers, I colocated them myself, and eventually sold them once more. The project I was working on didn’t come to pass, and I had no more need for them. I kept my OVH box alone, and one tower server I still have today. My OVH box is my main server, if my local server faults the DR plan is engaged and OVH takes over, and vice-versa if the OVH box faults at any point. I’ve started running VMWare ESXi on the hosts, and at OVH I’ve got tons of IP addresses assigned to me.

At home, I’ve got the one IP address from my ISP, and I’ve tunneled an entire /28 to my house. The latency was only 11ms to OVH datacenter, so it’s very good and stable. I assigned my router to use the VPN going out, and I’ve never had any issues with DDoS at home.

Technology has also came a long way, I used to be stubborn and refused to use any control panel, but after playing with Plesk I’m sold. I now pay for Plesk and Cloudlinux because they make a great combination. I’ve always got my staging and test boxes I don’t use any panel for, but for production it’s worth it.

I’ve been using Cloudflare since it came out, and I’ve watched it evolve over the years. I’m impressed, but I’m moving away from it for this blog and my podcast website. I’m switching to a proper, traditional CDN for serving the assets. I’m going to keep using the DNS on this blog, and my podcast website will use EasyDNS for the DNS servers.

That’s been my evolution into computers, servers. Today, I’m a full stack software developer and pentester. I’m a red teamer, and I’m very active on irc and discord. I’ve got an XMPP as well if you’d like to reach out, along with a Matrix server (yes, it’s self-hosted along with the XMPP server). You can find that information on my contact page.

How did you get started in technology and servers?