I have seen the following argument (summarized here as I understand it):

Despite the promises that VPN providers make, it is known that they will often monitor your traffic, collect logs, might share your information, and will collaborate with law enforcement. Renting a VPS and running an OpenVPN server on it and using that as your VPN, is better - because you have full control over the logs. Let’s assume we trust the VPS provider to adhere to their TOS and privacy policy.

To talk about a concrete typical usecase, I am thinking about how this applies to downloading illegal torrents. In my current view, the only scenario in which the self-hosted option makes sense is if you pay for hosting using crypto and reveal no personal information during the process. Otherwise using a VPS would be virtually the same as downloading it through your ISP - and in some cases even worse - because the VPS provider might be more easily pushed to throwing you under the bus if abuse is reported since this might be a TOS violation. On the other hand, a VPN provider has a much larger motivation to protect users against this because the way that users perceive these protections is fundamental to their business model.

So, is there a reason to self-host a VPN instead of using a VPN provider? If so, should the VPS be acquired anonymously, or are there ways to protect yourself while using a provider that you gave your personal information to?

  • Kromonos@fapsi.be
    link
    fedilink
    arrow-up
    2
    ·
    edit-2
    2 years ago

    Do you mean that you do this to have a static IP pointing to an admin page? Why does that increase security?

    Exactly this. You can configure nginx/apache this way, that specific pages, like an admin interface, are only reachable from a specific IP range. If it comes from another one, you can return whatever you want.
    It increases security in this way, that crawler don’t even get known about such administrative pages and there’s no way to brute-force the login.

    Edit: Thanks for the tip with Nyr OpenVPN.

    • SalamanderOPA
      link
      fedilink
      arrow-up
      2
      ·
      2 years ago

      Exactly this. You can configure nginx/apache this way, that specific pages, like an admin interface, are only reachable from a specific IP range. If it comes from another one, you can return whatever you want.

      Aah, that’s very smart. Thanks for explaining!