Securing my e-commerce website and SSH access
Posted: Wed Nov 15, 2017 2:47 pm
So here is the end result that I want to happen.
Close all ports except 80, 443, and OpenVPN ports maybe?
Then I will allow all ports to be open if you are connected to the OpenVPN, making the server secure.
Let's narrow my example to SSH connection.
So right now I have Server 1 as my website and also OpenVPN installed.
All ports are closed except 80, 443.
I whitelist this IP 172.27.224.0/20 in/out all ports.
So if not connected to VPN, I cannot access SSH.
But if connected, I cannot get it working. I cannot connect to my server using VPN and I'm not sure why.
Now, I experimented another method.
I have Server 1 as my website. And Server 2 as my openvpn server.
I closed all ports of my Server 1 except 80, 443, and whitelisted the IP address of Server 2.
So when I am connected to Server 2 via OpenVPN, I can connect to my Server 1 via SSH.
This time it worked.
So what am I doing wrong? Is it possible to have the website and OpenVPN on 1 server?
Another thing. I have to whitelist the IP address of Server 2. But how come I cannot SSH if I whitelist the IP address of OpenVPN (172.27.224.0/20)?