Self-hosted [OpenSource] VPN server, How to DIY and Why

Why do you need a VPN?

This can be a whole separate article, but shortly, it can make cyber snooping more challenging when you are using a public network with nodes that you don’t trust. Like when you are travelling, or when you are using your laptop or mobile in a coffee shop or hotel. There are other benefits, like avoiding censorship or accessing region-blocked services.

Can you use a VPN to do some shady things?

Well, not really. VPN and server providers usually record IP addresses and other information regarding your devices and the software that you are using and when you pay for a service, you give them even more information about yourself.

What are the disadvantages of public VPN providers?

With a virtual private network, you can easily browse the internet without having to worry about any types of monitoring, tracking, and restrictions that are done by the government, your ISP, your company or other third parties. But there can be some disadvantages for sure.

Is a self-hosted VPN a better choice?

Surely, it has some benefits. You have the whole server to yourself. The whole bandwidth. The network is not noisy, the IP address is yours, you can control the whole thing and the users, can create some accounts for your family, colleagues or friends, if you want to, but you have to know a few basic things about computer networks, servers, Linux and hosting companies.

How to do it

You need a server. A virtual private or a cloud server. You can order one from DigitalOcean, VULTR, IONOS or any other provider that you like. If you are in Europe or you want an IP address in that region, you can choose OVH, Hetzner or Scaleway. As I said, you don’t need a fancy server. A $5 droplet from DigitalOcean will do the job.

Software choices

The OS depends on the VPN server software that you want to use. We will introduce some of the reliable and popular options in this video. Most of them run on Linux. So you have to check the best OS for your software based on the requirements and your preference.

The VPN servers for Linux:

What defines a good VPN server?

  • Strong Encryption algorithms
  • Ease of Installation and Configuration, Good tutorials and documentation
  • Being Open Source and auditable for security vulnerabilities
  • High Performance

OpenVPN

OpenVPN is both an open-source VPN protocol and VPN software that enables people to run secured VPN connections. OpenVPN protocol is very secure, really stable, and it works on multiple platforms. Most security experts recommend always using OpenVPN for anything you do online, especially since it’s such a transparent option, being open-source and audited.

WireGuard

WireGuard uses modern, fixed algorithms like AES-256. WireGuard is more lightweight than OpenVPN and claims to be faster and more efficient. Despite how “young” the WireGuard protocol is, it has been quickly accepted by online users, and even managed to catch the attention of main Linux developer Linus Torvalds who called it a “work of art” , and was eventually included in the Linux Kernel version 5.6 tree.

OpenConnect

OpenConnect is an open-source software application for connecting to virtual private networks.

SoftEther

SoftEther VPN Project develops and distributes SoftEther VPN, An Open-Source, Free, Cross-platform Multi-protocol VPN Program, as an academic project from University of Tsukuba.

pfSense

pfSense is a free and open source firewall and router that also features unified threat management, load balancing, multi WAN, and more. You can install and configure it on your server and then install the VPN server packages. It can be installed on a virtualized environment.

Conclusion

Public VPNs aren’t a waste of money, but they have cons of their own. You can self-host a VPN server yourself, it’s harder to implement and maintain, especially if you are not a tech savvy user, but once implemented, it can solve a lot of the issues that you might have with a public VPN. You are not still 100% anonymous with a self-hosted VPN and they have difficulties of their own. You have to leverage if it’s the right solution for you or your business.

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Ethical Hacking: Cryptography — Notes

PROTECT HARVARD, MANDATE LASTPASS

{UPDATE} AR脱出ゲーム 2週間でなくなる妹の部屋 Hack Free Resources Generator

Vulnerability allows cross-browser tracking in Chrome, Firefox, Safari, and Tor

Ransomware Attacks: Digital Money Snatching from Financial Sectors!

TryHackMe — BiteMe WalkThrough

USDD on Uniswap V3 Operation Guide

One Protocol- #Veraswap

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alireza Mortazavi

Alireza Mortazavi

More from Medium

Mac best K8 environment using Multipass with Ubuntu and VirtualBox

Hardware I Use For Selfhosting

Step-by-Step Guide for Configuring a Homelab VPN Server That Just Works

Passwords derivation using OpenSSL 3 (SCRYPT) and PWGEN