Comment by pmdr

> The second you expose anything to the public internet it is going to be flooded by malicious bots looking for things to exploit.

I've been running VPS's since at least 2010 and this has always been the case for me, getting "scanned" all the time. Yet what I also noticed is that default installations of most modern software are not as insecure as most "cloud devs" nowadays have fearmongered us into believing. You can run your own MySQL or the likes. Or use SQLite. Use stable, secure software and use publickey auth. Look into scripts that block repeated and invalid requests. Hell, use Docker or jails to run most things.

Perhaps it's true that no one is unhackable, but that definitely doesn't mean you'll 100% get hacked within a day of running your own server.