CloudCloud4Com (CZ)
10 → 4server consolidation
3 monthsdesign and migration
0security incidents after migration
Initial state and requirements
The original environment consisted of 10 virtual servers at a Czech hosting provider — technologically inconsistent, with various versions of Debian and resources shared among hundreds of projects (Apache, PHP, MySQL).
- frequent security incidents and applications affecting one another,
- EOL OS versions without security updates,
- inconsistent administration with no unified concept.
The proposed solution
- a move to the Czech Cloud4Com cloud, reducing from 10 to 4 more powerful nodes,
- unifying the OS to Ubuntu LTS, splitting by PHP version, databases on MariaDB,
- after migration, an analysis of real load and optimisation of performance and costs.
Security and architecture
- L4 and L7 firewall, IDS/IPS, QoS for HTTP/S traffic,
- GeoIP blocking and selective ACLs, regular hardening,
- strict project isolation — incidents don't spread between applications,
- central monitoring, logging and backup to a geographically separate location.
Benefits
- elimination of the security incidents common in the original environment,
- a significant increase in stability and performance, with the ability to react quickly to load changes,
- centralised, clear administration and a reliable partnership for long-term operation.