When I saw this post, I held back and waited with my answer. Basically, I was right. Hardly anyone understood exactly what you wanted to do. The essential answer to your question is: yes, it is possible. However, it is not for an inexperienced novice like you are.
For such a project you need extensive understanding and knowledge of network technology, VPN, routing and firewall. Furthermore, it must also be allowed and fully supported by the VPN provider. You need a dedicated IP address from the VPN provider and complete configuration options for port forwarding at the VPN level and on your VPS. With an own VPN server on another server a problem would be solved, but at the same time another problem would have been added. It increases the level of difficulty. You have to install and configure the VPN server yourself. Furthermore, create the necessary routing & firewall rules on both sides (VPN Server - VPS).
Please don't be offended. I think this path is not for you. It would be easier and cheaper to get a VPS with DDoS protection. In addition, please do not ask me any further about this topic. I only read about it theoretically, but never practiced or saw it in practice. I played with it several times in my mind. But without a real benefit for me there is no reason to chase this idea. I personally only have a VPS and there I only operate a few small things that do not need something like that.
For any other participant in this conversation. The idea behind this is that the VPN server serves as protection for the VPS behind it. Every access to the VPS (with exceptions) is mainly done via the VPN server, which offers itself as a front end on the Internet. Visitors basically don't know that they are accessing the actual VPS through a VPN. The visitors access the IP of the VPN server. The requests on certain ports are forwarded internally to the VPS (VPN tunnel between VPS and VPN server). Therefore, advanced knowledge and experience are required, because port forwarding and so on must be configured correctly. In addition, the firewall on both sides must also be configured correctly and carefully so that leaks can be prevented (with exceptions).
Using a VPN for this is not the usual approach. A more common and widely used method is a GRE tunnel.
GRE Tunnel:
-
https://www.imperva.com/blog/what-is-gre-tunnel/
-
https://community.hetzner.com/tutorials/...gre-tunnel
This is also not as easy as it looks. Please be careful.