I'm looking at using digital ocean with bitnami to host my new rail app. Heroku is way to expensive for what it does but i'm not a server admin and i'm not sure bitnami is enough.
It is said that you can run production app with the combo bitnami+digital ocean on their ads. ( https://bitnami.com/learn_more #running apps in production ) How true is that ?
Last time i tried running an app on a vps i had to install the likes of fail2ban , a firewall , Logwatch or whatever and it was what was the most complicated.
Is bitnami really plug and play or will i still need to do all the server admin and it just install the ruby stack ( as it seems to be doing).
Are people really running production app as is ? without any security related things ?
Thanks
Bitnami developer here. We configure all Bitnami apps taking into account all the security guidelines. Security is very important for us and you can see in our blogs we release new security fixes in 24 hours and for most important ones (heartbleed, shellshock) we also release patches installers. Some of the basics security configurations are the following:
We also adapt the memory server settings to the instance type automatically so you will get the max performance for your instance: see PHP-FPM configuration, disable .htaccess files, mod_pagespeed and others at Bitnami Wiki https://wiki.bitnami.com/Components/Apache/Apache_event_MPM