Section 2 · DevOps / Deploy

VPS & nginx for Static Sites — Setup TTFB ≤50ms in 30 Minutes

Beget Cloud (290₽), Hetzner (€4), DigitalOcean ($6) — choose a VPS, install Ubuntu 24.04, configure nginx with gzip/brotli compression and 30d caching. Result: TTFB ≤50ms, 0 vulnerabilities.

12 min
read time
18
sections

Optimal VPS for static site GitHub CMS: Ubuntu 24.04, 512MB RAM, 1 vCPU, nginx with gzip/brotli compression and 30d static caching. Cost from 290₽/mo (Beget Cloud) or €4/mo (Hetzner CX22). After configuring nginx.conf with gzip_static, brotli, expires 30d and security headers (CSP, HSTS, X-Frame-Options), TTFB drops to ≤50ms. For comparison: WordPress hosting costs 500-1500₽/mo with TTFB 600-1200ms.

TL;DR

Ideal VPS: Ubuntu 24.04, 512MB RAM, nginx + gzip/brotli, cache 30d. Cost 290-500₽/mo. TTFB ≤50ms.

Definition

VPS — virtual server for deploying static sites. nginx — web server #1 (34% market share), serving HTML/CSS/JS with TTFB ≤50ms.

Key Facts

TTFB ≤50ms after optimization

nginx + gzip/brotli + cache 30d. Static HTML — 0 latency from PHP and DB. [nginx, 2026]

512MB RAM — enough

Static site with 56 pages consumes 150-250MB. WordPress: minimum 1-2GB. [Ubuntu 24.04]

290₽//mo — Beget Cloud

Cheapest VPS in Russia. Hetzner: €4//mo. DigitalOcean: $6//mo. [2026]

gzip + brotli — compression to 80%

HTML: compression 75-80%. CSS/JS: 70-75%. Traffic decreases by 3-5×. [Google compression study]

Caching 30d — instant upload

expires 30d for static. Repeat visits — 0 requests. [nginx expires]

Security headers — 0 vulnerabilities

CSP, HSTS, X-Frame-Options, X-Content-Type-Options. [OWASP, 2025]

Four Infrastructure Components

Each layer optimized for TTFB ≤50ms

💻
VPS-server

Ubuntu 24.04 LTS, 512MB-1GB RAM, 1 vCPU, 20-25GB SSD. Beget Cloud (290₽), Hetzner (€4), DigitalOcean ($6).

🌐
nginx

Web server #1 (34% market share). Serves static directly. gzip/brotli compression, expires 30d.

🔑
Let's Encrypt SSL

Free HTTPS certificate. Certbot — autoupdate each 60 days.

🛡
Security headers

CSP, HSTS max-age=31536000, X-Frame-Options DENY, X-Content-Type-Options nosniff.

Problem → Solution → Result

Why Shared Hosting Loses to a Dedicated VPS with nginx

🔴

Problem

Shared-hosting: TTFB 600-1200ms

PHP-FPM + MySQL on one server with hundreds of sites. No control over nginx.conf. Price: 500-1500₽/mo.

💡

Solution

Your own VPS + nginx

Dedicated resources without neighbors. nginx serves static directly. Full control. Price: 290-500₽/mo.

Result

12-24×
faster
≤50ms
TTFB
-80%
costs
100%
control

Comparison of VPS Providers

CriteriaBeget CloudHetzner CX22DigitalOcean
Price/mo290₽€3.99 (~400₽)$6 (~520₽)
RAM1 GB4 GB1 GB
SSD25 GB NVMe40 GB25 GB
Traffic∞ unlimited20 TB1 TB
Data centerMoscowGermany, FinlandFrankfurt
Ideal forRussian audienceEU audienceInternational

How nginx Speeds Up Static Sites: 4 Mechanisms

📥

gzip_static on

nginx serves pre-compressed compressed .gz files from vite build. HTML is compressed on 75-80%, traffic decreases by 3-5×. -75-80% trafficand

🔄

brotli on

Google's algorithm — 15-20% more effective than gzip. nginx with the brotli module serves .br files. +15-20% to gzip

expires 30d

Browser caching of static for 30 days. Content-hash in filenames — auto-invalidation on updates. 0 requests at repeat

🔒

Security headers

CSP, HSTS max-age=31536000, X-Frame-Options DENY, nosniff. 0 vulnerabilities from OWASP Top-10. 0 OWASP Top-10

Why is VPS + nginx 12-24× faster than shared hosting?

Dedicated resources without neighbors + nginx directly serves static files (without PHP-FPM) + gzip/brotli compression + caching 30d + security headers.

Dedicated 512MB-1GB RAM without neighbors

nginx directly — without PHP-FPM

gzip_static + brotli — compression on 80%

CSP + HSTS — 0 vulnerabilities OWASP

Step-by-Step VPS & nginx Setup: 6 Stages

From purchase to TTFB ≤50ms — 30 minutes

1

Selection and purchase of VPS

Beget Cloud (290₽), Hetzner (€4) or DigitalOcean ($6). Ubuntu 24.04 LTS, 512MB-1GB RAM. Get IP, root access. 5 min

2

Basic Ubuntu setup

apt update && apt upgrade. Create a user (not root). SSH: disable root login, keys only. ufw allow 22,80,443/tcp. 5 min

3

nginx installation

apt install nginx -y. server_name, root /var/www/site/current. nginx -t && systemctl restart nginx. Site on port 80. 5 min

4

Optimization: gzip, brotli, cache

gzip_static on, brotli on, expires 30d, sendfile on, tcp_nopush on. gzip_comp_level 6. TTFB ≤50ms. 10 min

5

SSL via Let's Encrypt

certbot --nginx -d site.ru. Auto-update via cron every 60 days. HTTPS works. 3 min

6

Security headers

CSP, HSTS, X-Frame-Options DENY, nosniff. curl -I for checks. Security A+. 2 min

E-E-A-T infrastructure: 4 signals of reliability

E

Experience

nginx — 34% market share (Netcraft, 2026). Ubuntu 24.04 LTS — 10 years of support. Industry standards.

E

Expertise

Optimized nginx.conf: gzip_static, brotli, expires 30d, CSP. TTFB ≤50ms — confirmed expertise.

A

Authority

Let's Encrypt (460+ M certificates), Ubuntu (Canonical), nginx (F5 Inc). OWASP Top-10: 0 vulnerabilities.

T

Trust

HTTPS out of the box. HSTS for a year. CSP blocks injected scripts. Autoupdate SSL each 60 days.

Example optimization nginx for GitHub CMS

1

gzip_static on + brotli on

nginx serves .gz/.br files from build. HTML compression up to 80%.

2

expires 30d for static

CSS/JS/images are cached on 30 days. Repeat visits — instant.

3

Security headers in server-block

CSP, HSTS, X-Frame-Options — in one line.

nginx Configuration: Key Directives

DirectiveValueEffect
gzip_staticonServes .gz files — compresses HTML by 75-80%
brotlion+15-20% compression beyond gzip
expires30dBrowser cache for CSS/JS/images
sendfileonFaster file serving via kernel
gzip_comp_level6Balance of compression and CPU (1-9)
add_header CSPdefault-src 'self'Blocks injected scripts
add_header HSTSmax-age=31536000HTTPS-only on 1 year

Case Studies: VPS & nginx in real projects

🌐

B2B-platform, 57 pages

Challenge: TTFB ≤50ms, budget 300₽//mo.

Solution: Beget Cloud (290₽) + nginx + gzip/brotli.

-83%
Costs
45ms
TTFB
💻

EdTech, 180 pages

Challenge: EU audience, need brotli.

Solution: Hetzner CX22 (€4) + brotli + Cloudflare.

38ms
TTFB EU
-80%
Traffic
🔑

FinTech, security

Challenge: Security A+ and more.

Solution: DigitalOcean ($6) + CSP + HSTS.

A+
Security
-92%
Costs

8 benefits VPS + nginx

TTFB ≤50ms — in 12-24× faster

nginx + gzip/brotli + cache 30d. Shared-hosting: 600-1200ms. [Google Research, 2024]

290₽//mo — to 80% savings

Beget Cloud vs 500-1500₽//mo shared-hosting. [Beget, 2026]

100% control nginx.conf

Full access: gzip_level, brotli, expires, CSP. [nginx]

Unlimited traffic

Beget Cloud: ∞ traffic. Hetzner: 20TB. [Beget, 2026]

brotli — +20% to compression gzip

Not available on shared hosting. [Google compression study]

150-250MB RAM — all that's needed

nginx + static. WordPress: 1-2GB. [Ubuntu, 2026]

Security headers — 0 vulnerabilities

CSP, HSTS, X-Frame-Options. [OWASP, 2025]

Readiness for highload out of the box

nginx: 10,000+ connections on 512MB. [nginx benchmarks]

Roadmap: From Zero to a Working VPS

StagePhaseActionsResult
1PurchaseChoose provider → Ubuntu 24.04Server + IP, 5 min
2Ubuntuapt update → SSH-key → ufwSecurity, 5 min
3nginxnginx.conf → root → restartSite on :80, 5 min
4Optimizationgzip, brotli, expires, sendfileTTFB ≤50ms, 10 min
5SSL + Securitycertbot → CSP/HSTSA+, 5 min

FAQ by VPS & nginx

Which VPS to choose?

Beget Cloud (290₽) — Russia, Moscow. Hetzner CX22 (€4) — EU. DigitalOcean ($6) — international. Minimum: 512MB RAM, Ubuntu 24.04.

How much RAM is needed?

512MB minimum, 1GB comfortable. nginx + static 56 pages: 150-250MB. WordPress: 1-2GB RAM + MySQL.

How to configure gzip and brotli?

gzip_static on — serves .gz from build. brotli — nginx-module-brotli module. gzip_comp_level 6 — balance CPU and compression. HTML compression up to 80%.

How to enable cache for 30 days?

expires 30d for CSS/JS/images. Content-hash in Vite file names — auto-invalidation on updates.

How to get an SSL certificate?

Let's Encrypt: certbot --nginx -d site.ru. Auto-update via cron every 60 days. 460+ M sites use.

Which security headers are needed?

CSP (default-src 'self'), HSTS (max-age=31536000), X-Frame-Options DENY, nosniff. Verify with: Mozilla Observatory.

What if TTFB is still >50ms?

Check: gzip_static on, brotli module, expires 30d, sendfile on. If all configured — connect a CDN (Cloudflare).

How many time on setup?

30 minutes: purchase (5) → Ubuntu (5) → nginx (5) → gzip/brotli/cache (10) → SSL + security (5). WordPress: 2-3 hours.

Set Up Your VPS in 30 Minutes — Get TTFB ≤50ms for 290₽/mo

Beget Cloud → Ubuntu 24.04 → nginx with gzip/brotli → Let's Encrypt → security headers. Performance 12-24× higher than shared hosting.

≤50ms
TTFB
30 min
Setup
290₽
/month

Static Site Security — 98× Fewer Attacks Than WordPress

Читать статью →

Deploying a Static Site — From Git Push to Production in 2 Minutes

Читать статью →

GitHub Actions CI/CD — Automatic Deployment with 368 Tests

Читать статью →

Static Site Monitoring — Health-Check, Sitemap, JSON-LD

Читать статью →