Build Log - Edge Firewall, Proxy, and Privacy Setup

Summary

• Projects: paulwilliams.io, Edge Firewall
• Theme: Infra hardening, caching, and privacy
• Highlights:
  • Synced TikTok handle branding across paulwilliams.io.
  • Upgraded and secured Edge firewall with Wireguard and new configs.
  • Deployed DigitalOcean Edge Proxy VPS with security best practices.
  • Added advanced caching via Nginx for static content performance.
  • Integrated Umami analytics and published Privacy & Cookies Policy.

---

Timeline & Work Log

🕘 9:00 AM — Brand Alignment

• Updated TikTok username reference to match new handle.
• Synced footer and metadata links on paulwilliams.io for consistency.

🕥 10:45 AM — Edge Firewall Upgrade

• Backed up existing firewall configuration.
• Installed required OS and package updates.
• Set up Wireguard (network security enhancements and monitoring).
• Verified ruleset post-upgrade.

🕛 12:00 PM — DigitalOcean Edge Proxy

• Created a new VPS on DigitalOcean for proxy and caching layer.
• Updated packages and rebooted:

  sudo apt update
  sudo apt upgrade -y
  sudo reboot
  

Notes

# Basic VPS hardening
adduser yourname
usermod -aG sudo yourname
rsync --archive --chown=yourname:yourname ~/.ssh /home/yourname
ufw allow OpenSSH
ufw allow 'Nginx Full'
ufw enable


# Proxy cache check
sudo systemctl reload nginx
curl -I https://paulwilliams.io | grep HIT

Next Up

• Add uptime monitor for edge proxy (healthchecks.io or self-hosted)

• Check Cloudflare ruleset for DDoS and rate limiting

• Optimize Umami dashboard filters for TikTok traffic attribution

• Publish mini write-up: “Why I built my own edge proxy instead of using Cloudflare Pages”