Server Management, Self-Hosting, and DevOps Basics

The Constraint: Why Infrastructure Decisions Compound

Most development teams treat infrastructure as an afterthought. The application gets attention; the server gets whatever the default setup provides. This works until it does not.

A single misconfigured Nginx worker pool causes request queuing under load. A database running on the same disk as the application means a large import fills the volume and crashes both. An SSL certificate that renews manually gets forgotten and takes the site offline on a Saturday morning.

The constraint is this: infrastructure must be reproducible, observable, and recoverable. If you cannot rebuild a server from scratch in under an hour, you do not have infrastructure. You have a snowflake.

The Naive Approach: Manual Servers and Hope

The tutorial version of deployment looks like this: SSH into a server, run git pull, run composer install, run php artisan migrate, restart PHP-FPM. It works on the first deploy. It fails on the fiftieth.

The problems accumulate gradually. File permissions drift. Environment variables get edited directly on the server and never recorded anywhere. A failed migration leaves the database in a half-applied state. A composer install downloads a new dependency version that breaks the application, and there is no way to roll back without restoring a full backup.

The pattern extends to hosting decisions. A team starts on shared hosting because it is cheap. The application grows. Shared hosting throttles CPU during peak hours. The response is to upgrade to a bigger plan, then a VPS, then a managed platform, each migration requiring a full rebuild because nothing was documented or automated.

The Robust Pattern: Infrastructure as a Managed System

We treat web application infrastructure as code, not as a set of manual configurations. Every server we provision follows a repeatable process. Every deployment is atomic. Every failure mode has a documented recovery path.

The stack

Our standard Laravel infrastructure stack uses these components, each chosen for a specific reason and managed against a specific failure mode.

This is not a complex stack. It is deliberately simple. Fewer moving parts means fewer failure points, and every component has been battle-tested across hundreds of thousands of production hours.

Why Laravel Forge

We use Laravel Forge to provision and manage servers. Forge handles the tedious parts of server setup while still allowing SSH access for the remaining 10% that requires custom configuration. The alternative is maintaining Ansible playbooks or shell scripts for server provisioning. We have done both. Forge reduces the operational burden for the 90% case.

Forge also provides a deployment pipeline: pull code, install dependencies, run migrations, build assets, restart PHP-FPM. Each step is logged. Failures halt the pipeline before the application is affected.

Hosting Decisions: VPS, Cloud, and Managed Platforms

Choosing where to host a web application is a decision with long-term consequences. The wrong choice costs money, limits scaling options, or creates vendor dependency.

VPS hosting (our default)

For most Laravel applications serving under 50,000 daily users, a well-configured VPS is the correct choice. A single server with 4 vCPUs, 8GB RAM, and SSD storage handles more traffic than most businesses generate.

We default to Hetzner for European hosting. The cost difference is significant: a Hetzner CPX31 (4 vCPU, 8GB RAM, 160GB SSD) costs approximately €15/month. The equivalent DigitalOcean droplet costs $48/month. The equivalent AWS EC2 instance costs roughly $70/month before storage and data transfer. That price gap compounds over years.

VPS hosting also means you own your infrastructure. No platform lock-in, no proprietary APIs, no sudden pricing changes.

When to use cloud platforms

AWS, Google Cloud, and Azure make sense when you need specific managed services: object storage with CDN (S3 + CloudFront), managed database clusters with automated failover, or serverless compute for unpredictable workloads.

Our rule: start with a VPS. Move specific services to cloud platforms when you have a concrete requirement that a VPS cannot satisfy. Do not start on AWS because it feels professional. Start on a VPS because it is simple, fast, and cheap.

Managed application platforms

Laravel Vapor, Railway, and similar platforms abstract away server management entirely. These platforms suit applications with highly variable traffic or teams with no infrastructure expertise. The cost per request is higher, but the operational burden is near zero. The limitation is control: when something goes wrong at the platform level, you wait for their support team.

Zero-Downtime Deployments

Every production deployment we run follows the atomic deployment pattern. A deployment pipeline is not a luxury. It is the difference between a five-second rollback and a two-hour recovery.

The naive approach (running git pull in the live directory) means the application serves partially-updated code during deployment. A request hitting the server mid-pull might load old controllers with new views. This causes errors that are difficult to reproduce and diagnose.

Monitoring and Alerting

Monitoring without alerting is data collection. Alerting without monitoring is guesswork. We configure both.

Lessons from production

Certain monitoring lessons only come from experience. These are the ones that have saved us repeatedly.

Backup Strategy

We follow the 3-2-1 rule: three copies of data, on two different storage types, with one copy off-site.

The critical discipline is testing restores. A backup that has never been restored is a hope, not a backup. We test database restores monthly and document the recovery time. If a full restore takes longer than the business can tolerate, we adjust the strategy.

Scaling: Vertical First, Then Horizontal

Premature scaling wastes money and adds operational complexity. Most Laravel applications never need horizontal scaling. Vertical scaling (upgrading the server) is simpler, cheaper, and sufficient for the vast majority of workloads.

Vertical scaling

A single well-configured server handles more traffic than most teams expect. Nginx serves static assets from memory. Redis eliminates repeated database queries. PHP-FPM worker tuning ensures available memory is used efficiently. When a server is genuinely under-resourced, the fix is straightforward: increase RAM, add CPU cores, switch to faster storage.

When horizontal scaling is necessary

Horizontal scaling becomes necessary when a single server cannot handle the requirements regardless of size, or when you need geographic distribution for latency reasons. It requires architectural changes that are best planned before they are needed.

The decision rule: if your monthly hosting cost is under £500 and you are not experiencing performance problems, you do not need horizontal scaling. Invest that engineering time in application-level optimisation instead: query optimisation, caching strategies, and efficient background job processing.

Infrastructure as an Asset

Web application infrastructure is not a cost centre. It is an operational asset that determines uptime, deployment speed, and recovery capability.

• ✓
  Deployments happen multiple times per day Atomic deploys with one-second rollback. No stress, no downtime, no maintenance windows.
• ✓
  Failures are detected before users notice Continuous monitoring with targeted alerts. Problems found in minutes, not days.
• ✓
  Recovery follows a documented procedure Tested backups, rehearsed restores, known recovery times. No panicked improvisation.
• ✓
  Provider independence Standard Linux servers on standard infrastructure. Move providers in a day, not a quarter.

This is closely related to the question of owning versus renting your systems. Infrastructure decisions also affect your security and operational posture. Every component in the stack is a potential attack surface. Fewer components, kept current and monitored, means a smaller surface to defend.