Matthew,

I don't no but it would probably cost a lot of money, which is why dedicated hosts cost so much!

start off with fully managed.
then later you can transition to something else.

Perhaps most importantly, is the job of running a dedicated server something I should even be considering without any experience?

A good question. I think a lot of it depends on how quickly you learn. I've done it from scratch (had great difficulty with red hat until I got my head around the way that the updates work - from there it was quite easy). I recommend you take an old box and set it up on your LAN somewhere to play with as a local test machine. Learn your OS offline.

How easy/difficult is the server setup and configuration?

When you've learned how your OS works, fairly easy.

Does it take a lot of research to keep on top of security, or is it mostly installing patches from time to time?

You need to keep up to date. 10 mins a day should do the trick on keeping up to speed with what the latest security patches might be and when you've learned where to look. Google alerts are also handy here - you can have yourself emailed when something important is announced (don't rely on it though). Some OS's can be set to auto-patch, but that in itself could be quite dangerous if you're running any non-standard software (sometimes an update on one application will break another).

What else should I know before embarking on running my own server?

That's a hard question to answer as a lot of things you will need to learn on the job. As I mentioned above, the best advice I can offer is to pick your provider and take whatever OS they use and install it on a local machine. Then spend 2 months patching it and learning it. You can also spend that time learning where to look to find up to the minute security patch announcements. Several co-lo and non-managed hosts also have forums.

It is a daunting task at first, but it's also highly rewarding when you've learned the ropes. It helps greatly to have a mate or two you can rope in to keep an eye on things if you're on holiday etc. Many non-managed hosts also have a port monitoring system which will send you an SMS if it looks to their server like something has failed. That has saved my bacon on more than one occasion in the past with self-managed hosting.

TJ

my advise if this is your first time out is get a virtual private host first. You control everything but you can;t screw it up too much.

excellent way to startt off

sort of like a dedicated server with training wheels

It's not really expensive or hard to do - $100/$200 a month, plus you typically get a control panel from which it is pretty easy to maintain domains.

Frankly I don't do many patches. They may conflict with the control panel software anyway, and if you use a safe setup there's not too much danger of getting hacked. Keep in mind that if you DO get hacked the ISP will probably just wipe the hard drive and you could lose everything, so make sure you have that possibility covered.

Some suggestions re security off the top of my head:
(1) use secure passwords;
(2) don't ever use plain-text tools like FTP and Telnet - use secure software such as PuTTY and WinSCP only;
(3) don't allow anybody you don't know and trust to have an account on the server;
(4) use Linux instead of Windows as an OS - although it helps to have some knowledge of Unix/Linux in advance, because the commands are about as non-intuitive as it's possible for software to be.

3 things:
- kill all unnecessary processes or outsource their services (in particular bind/named and sendmail) don't run anything besides apache and ssh on your box
- subscribe to security sites, keep apache and ssh and php etc. updated
- hire somebody to establish an extensive backup strategy

What else should I know before embarking on running my own server?

Setting everything up will be a full-time job. Once you've gotten past that initial learning curve, the one where everything actually starts to work, then you can begin to spend a little less time.

It's been mentioned, and is worth mentioning again, avoid using Windows Server. Not because it's bad software - because it's a huge target and you simply save yourself some trouble. I believe some of the best server applications are also Open-Source. Can anyone else support this belief?

I spent less than a day installing a WAMP configuration over here. A little more time was spent looking at securing it from the outside world. After that, it doesn't demand much of my time.. it just works. There are some significant differences between my localhost and your dedicated server, but the point is, the applications won't need constant attention - leaving you more time to discover security issues.

If I was doing this, I would set up a dedicated server in a secure environment beforehand, then test, discover, re-configure, and whatever else before going live. It beats 'trial by fire' by a mile - if you can afford the time it takes.

Is it a full time job?

That depends. Do you want to master the concepts of mod_rewrite, or just use it. That's just an example, but you can either use Apache or completely understand Apache before ever installing it. If you go the 'complete understand' route, you'll need a lot of time.

And a final thought. Keep in mind that any problems you do have will always happen in the middle of the night, on the weekend, when you're 200 miles down the road with a flat tire. Nothing ever goes wrong when you're sitting there watching things. So it may often seem like a full time job, even when it isn't.