Reply To: Got me a brand new *FAST* VPS

[__]

I wonder if the whole local machine >> github >> live server is the best and most secure workflow.

No, I absolutely wouldn’t do that. (And it “feels wrong” because you’re making github an unchecked gateway to your website.) Ideally, though, it’s less of a security concern, and more of a breaking-things concern.

What I would do (and have done, in fact) is more like this:

local machine » [github] » server (dev/testing) « server (live site)

So,

• local machine (contributor) pushes to github
  (I leave github out sometimes, which is why it’s in brackets above)
• github auto-pushes to a dev repo on the server.
  This repo might also be a testing site.
  Additionally, the push may not be automatic depending on how much you trust the contributor.
• the server (admin, you) pulls the dev repo to the live repo (the site itself) when ready (this step is definitely not automated).