Im trying to configure everything in order to allow only VPN users to accesss to certain folders (wp-admin etc) and the thing is that by following some tutorials like https://www.digitalocean.com/community/ ... untu-14-04 i can connect to my openvpn (it gives me a 10.8.0.X ip and the external IP is my server's one when checking at but when i enter my own server domain in my browser it sees my real IP (getenv('REMOTE_ADDR') shows my real IP) and not the one from the VPN so i cant set up a .htaccess file to restrict to my own server IP.
As a summary of above tutorial config, i have:
/etc/openvpn/server.conf
-------------------------------
Server Config
dh dh2048.pem
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
user nobody
group nogroup
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
user nobody
group nogroup
---------------------------------------
file content is 1
/etc/sysctl.conf
--------------------------------
net.ipv4.ip_forward=1
/etc/default/ufw
---------------------------------------
DEFAULT_FORWARD_POLICY="ACCEPT"
/etc/ufw/before.rules
--------------------------------------
# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
COMMIT
# END OPENVPN RULES
ufw status verbose:
------------------------------------------------
root@XXX:/# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), allow (routed)
New profiles: skip
To Action From
-- ------ ----
1194/udp ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere
53 (Bind9) ALLOW IN Anywhere
80/tcp (Apache) ALLOW IN Anywhere
443/tcp (Apache Secure) ALLOW IN Anywhere
1194/udp (v6) ALLOW IN Anywhere (v6)
22/tcp (v6) ALLOW IN Anywhere (v6)
53 (Bind9 (v6)) ALLOW IN Anywhere (v6)
80/tcp (Apache (v6)) ALLOW IN Anywhere (v6)
443/tcp (Apache Secure (v6)) ALLOW IN Anywhere (v6)
Is there something im missing?
Thank you in advance,