Category: GNU/Linux

Cheapest VPS in South Africa

What company provides the cheapest VPS in South Africa.

These days we all need the cloud (also known as computers that you don’t own physically) to host our websites, API’s, hold our (or customer) data and run applications.

Recently I needed an elasticsearch application set up to make monitoring and analysing my API gateway easier. I tried to install that on my 1Gb VPS and it complained. Thanks JVM:

There is insufficient memory for the Java Runtime Environment to continue

So I went looking for a cheap Virtual Private Server that is on the Linux platform and based in South Africa (because my clients are in South Africa and latecy will be faster 20 milliseconds as opposed to 200ms when the server is in europe).

I have used either or, as they were the cheapest options I had found.

Any included services like backup are disregarded, also services that only provide hard drives like afrihost are also excluded.

But I am going to do a bit more research to try and find a cheaper deal for a virtual private server in South Africa, my finds are below:

CompanyMemory (GB)CPU (Cores)Storage (GB)Price (R/month)


If you have found a cheaper deal for servers hosted in South Africa, please let me know.


Generate a letencrypt ssl certificate for kong api gateway

So you have installed kong and you are ready for it to go into production. Whoops, nossl certificate yet? It is important that you add it as credentials will be moving between your gateway and credentials could be acquired by any party in between the client and your server.

But the standalone nginx plugin for cerbot does not work from my testing. As it is built on nginx, kong is not nginx.

Easiest Way is to Install Nginx

If Kong is running on port 80 then stop it: sudo systemctl stop kong

Install Nginx:

sudo apt install nginx

Install Certbot for nginx on your operating system

Get your certificates with the cert-only option:

sudo certbot --nginx certonly

When that completes it will tell you where your certificates and keyfile are:

Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/
Your key file has been saved at: /etc/letsencrypt/live/

Add these locations to ssl_cert and ssl_cert_key respectively.
Also make sure ssl = on

Stop Nginx:

sudo systemctl stop nginx
sudo systemctl start kong

Remove nginx:

sudo apt remove nginx

Fail2Ban Custom filters and Testing Regex’s against existing Logs

Fail2ban is a tool that can automatically ban malicious bots trying to get into your server. Provided you set up filters and the ip address (or fqhn) is logged you can use fail2ban with any application.

Create a filter, using a regular expression (fail2ban is built with python):

In /etc/fail2ban/filter.d/my-custom-filter.conf:


failregex = ^  -.* "POST \/user\/register HTTP\/1.0" 200

ignoreregex =

Now you want to test this for matches against a log file. Ensure that the log file has existing matches.

Make use of the command line tool fail2ban-regex:

fail2ban-regex /var/log/apache2/example-access.log /etc/fail2ban/filter.d/my-custom-filter.conf

You will get summary data like this:

Running tests

Use   failregex file : /etc/fail2ban/filter.d/my-custom-filter.conf
Use         log file : /var/log/apache2/example-access.log


Failregex: 1 total
|-  #) [# of hits] regular expression
|   1) [1] ^  -.* "POST \/user\/register HTTP\/1.0" 200

Ignoreregex: 0 total

Date template hits:
|- [# of hits] date format
|  [23636] Day/MONTH/Year:Hour:Minute:Second

Lines: 23636 lines, 0 ignored, 1 matched, 23635 missed
Missed line(s): too many to print.  Use --print-all-missed to print all 23635 lines

Which lets you debug your filter regular expression to ensure it is matching the malicious log entries.


Finally, add the new filter to your jail.local by appending the following:

enabled  = true
filter   = my-custom-filter
action   = iptables-multiport[name=NoAuthFailures, port="http,https"]
logpath  = /var/log/apache2/example-access.log
banTime  = 864000
findtime = 1800
maxRetry = 3

You can read more about the configuration of jails in the manual