After years of internal debate, I've make the leap into a Virtual Private System using a small-sized Linode account.
One big upside of having a VPS is control over port assignment, especially for minimal Python servers.
Another big upside is the ability to monitor what is happening, who's attacking what and such. The sheer visibility into the system is quite empowering, whether I choose to do anything about it or not.
The downside ? Too much time consumed with administration and security versus shared hosting sites ? Maybe.
On the third hand, shared hosting is where I have spent many many hours recovering content destroyed by spammers and hackers ... a shared hosting environment can be as dangerous as any other, and maybe more so in the long run.
Will more control mean more security or more hassle ? The journey begins ...
Full access to auth.log and iptables alone is worth the price of a Linode account ( about $10 a month ). It's given me a whole new perspective on the web.
One hears about the possibility of cyberwar, but unless someone has seen it first hand, it difficult to understand that the cyberwar is happening now. It's going on loud and strong. Many people are aware from news articles that 'something is going on', but it really is a challenge to appreciate the scale of it if one has not seen it.
My dinky little site here gets about 100-200 port 22 attacks per day ( including addresses already blocked by 'iptables' ). The attacks are apparently random. As you can see from simple extrapolation, a low estimate of the total port 22 attacks per day against people like me must number into the many of billions, probably more like tens of billions.
So why isn't something being done about it ?
The sad fact is that American companies are manufacturing lots products and making lots of money 'over there', so what are the chances of an effective response from the powers-that-be in America ... a zero chance or less.
I think there needs to be some sort of coherent organization to defend American web sites from Asian attacks. In an age of 'citizen activism', this should be possible. There seem to be parts of an organization already in place.
Unfortunately, some of them are extremely political ... sort of 'stop foreign pollution of our nation's purity' stuff, if you read between the lines. Which is not the point, of course. Check out links back to the site from other sites, it can be revealing.
Some are serious and potentially effective ... see:
Anti-Hacker Alliance - http://anti-hacker-alliance.com/
Block Access to Your Server or Website - http://www.parkansky.com/china.htm
Potential battle slogan: Drop Baby Drop !!!
Update April 23rd: 40 million IP addresses blocked and counting ... I hope to reach 100 million by the end of the year. Kind of like pledge week. :-)