Without being a noob but being a noob. How do

I? :D

Did you program your bot?

100% answer will be no 😂

course it's gonna be :D

Can you suggest me a good way to host a webhook server?

I host my webhook servers on a VPS. Any vps is suitable for that. I use servers from netcup

Check out contabo or webtropia

oracle, free tier

Contabo

Can i use same vps which bot is hosted in

Sure

I’m hosting on a PaaS based server, not a VPS. Which one is best for webhook

As long as your server has a public facing IP or domain, you can use it for webhooks

Is it the best way to approach to create a bot like ManyBot? I want it to create new bots when user supplies the token. I just want to know the best way to approach it

No. You'll expose your ip. You should use long polling

To create new process each time a user creates a new bot?

Very bad idea

Many bot creates token?

I mean, user provide the token, Bot creates the instance of the new bot using that token

Ohhk

That's a much more complicated question, which depends on a lot more

How does it create a new bot. Only bot father can do it correct?

I told you, i think you should read above messages clearly

It creates new instance?

What's wrong with exposing ip ?

Can be attacked

There will be an higher risk of targeted attacks against the machine or network. Security should be always a top priority

what attacks ? Can you explain in detail?

Flooding attacks like DOS or DDOS, Or if they are able to find any open ports like ssh they can bruteforce their way in.

Most of the VPSs has SSH which can be accessed from any IP.

if we secure our servers, then there won't be attacks, i believe. why would you prefer obscurity rather than hardening the software that you run?

There will be one way or another even if you “secure” it. Better way is not to expose your IP.

Most of the VPSs also are behind a firewall which should protect the companies infrastructure from DDoS ;) And on top of that, there are constant script kiddies checking each internet IP, so it won't be long before your server also get discovered. Nowadays hiding an IP doesn't have much sense

Ok, try to find out issue with @ItDidNotWorkBot it has a cloning feature. It is also open source.

Ddos can be protected using firewalls. Services like SSH will not be filtered as it is the main way to connect to the server.

believe me, SSH is also behind DDoS protection, has happened to me a few times that I've been limited

Every service you offer on the internet will be at risk of getting attacked. I would use webhooks in this case because it is easier to handle imho. If you can't protect your systems against attacks, you probably shouldn't host any services on the internet in the first place.

I think SSH is in the exceptions of almost every VPS’s firewall rules.

Firewall != DDoS protection

Oh ok i meant in common sorry

There are settings available When someone's tries to login in ssh multiple times which is not the same network It will detect as mitim attack and close the server :(