I’m trying to host some of my websites using the Enhance Web Panel.
My VPS provider is OVHCloud.
I currently have two VPS instances:
- One in the EU, which serves as the main server (used primarily for portal login and backups),
- And another in North America (NA), which will host the actual websites.
Security Setup
I’ve secured the servers as much as I can with the following setup:
OVHCloud Edge Firewall:
- SSH is running on a custom port and is blocked by default.
- WireGuard is also blocked.
- Both services can only be accessed from the other VPS’s public IP for internal communication.
- The firewall has a limit of 20 rules, so I’ve only blocked common ports. Unfortunately, I can’t block everything since Enhance uses random custom outbound ports.
Inside the VPS:
- I use UFW and Fail2Ban.
- If I’m not mistaken, Enhance also comes with its own built-in firewall.
- I’m using Ubuntu Pro for updates and security patches, which I got for free since I have fewer than 5 devices. Not sure how much that helps, but it’s something.
- I’m also using SentinelOne for Linux, although it’s still in the process of being activated.
Public-Facing Sites:
- I use Cloudflare Proxy so attackers can’t see the real IP address of the VPS.
The main VPS (EU) acts only as a portal login and backup server; all actual hosting is done on the NA VPS.
Has anyone done something similar or faced situations like this? How did you handle it?
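
An added example, not part of the original post and not Enhance or OVHCloud code: a dry-run generator for host-level UFW rules that mirror the edge-firewall policy described above (SSH and WireGuard reachable only from the other VPS), using default-deny inbound so the 20-rule edge limit does not matter on the host. The peer IP, both ports and the function names are constructed placeholders, and it assumes only 80/443 need to be public.

```shell
#!/bin/sh
# Prints (does not run) UFW commands; review them before applying.
# Assumption: only 80/443 are public. Add any other inbound ports your
# services need before enabling UFW, or you may lock yourself out.

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    # Reject anything but digits and single interior dots up front.
    case "$1" in ''|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# peer_only_rules PEER_IP SSH_PORT WG_PORT
peer_only_rules() {
    peer_ip=$1 ssh_port=$2 wg_port=$3
    valid_ipv4 "$peer_ip"  || { echo "bad peer IP: $peer_ip" >&2; return 1; }
    valid_port "$ssh_port" || { echo "bad SSH port: $ssh_port" >&2; return 1; }
    valid_port "$wg_port"  || { echo "bad WireGuard port: $wg_port" >&2; return 1; }
    cat <<EOF
ufw default deny incoming
ufw default allow outgoing
ufw allow from $peer_ip to any port $ssh_port proto tcp
ufw allow from $peer_ip to any port $wg_port proto udp
ufw allow 80/tcp
ufw allow 443/tcp
EOF
}

# Constructed sample values: 203.0.113.10 is a documentation address.
peer_only_rules 203.0.113.10 2222 51820
```

Because outbound traffic is allowed by default and UFW is stateful, the random outbound ports mentioned above do not need individual rules on the host.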