Hello everybody!

I have been renting a VPS with Debian Stretch installed. I want to host my personal website, which includes basic functionality such as a blog, chat, portfolio, etc. The entire website will be written using the Django framework and the Python 3.x, HTML5, CSS3 and JS programming languages. These parts of the project will be implemented as Django apps. I do not want to expose the development environment publicly. The experimental version of this project has the DEBUG variable set to True and other experimental features that should not be in production, because I want to be able to easily detect any bugs. I am also running other sensitive services, e.g. SSH.

My question is: how can I restrict access to administrative services like SSH, the development environment, web console, ZNC admin, etc.? Of course, I am using public key authentication on SSH, without a password.

My proposed solutions:

- use the nginx mechanism called basic_auth to restrict access to the development environment, phpMyAdmin, phpPgAdmin, etc. (vulnerable to brute-force attacks, but that risk can be limited using fail2ban, although still weak 8-character passwords),

Which option is the best solution? I am considering using a VPN, but I am not sure whether it is too complicated and whether the problem can be solved more simply by the nginx basic_auth mechanism and fail2ban. What are your recommendations?
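The basic-auth-plus-fail2ban idea in the post comes down to counting failed logins per client in the nginx error log. This is an added example, not part of the original post and not fail2ban's own code: it assumes nginx's usual error-log wording for failed basic authentication, and `find_offenders`, `max_retry` and `find_time` are hypothetical names; every log line, host name and address is constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (assumed nginx error-log format for basic-auth failures).
SAMPLE_LOG = """\
2024/05/01 09:00:00 [error] 811#811: *1 user "dev": password mismatch, client: 192.0.2.20, server: dev.example.org, request: "GET / HTTP/1.1", host: "dev.example.org"
2024/05/01 09:15:00 [error] 811#811: *2 user "dev": password mismatch, client: 192.0.2.20, server: dev.example.org, request: "GET / HTTP/1.1", host: "dev.example.org"
2024/05/01 09:30:00 [error] 811#811: *3 user "dev": password mismatch, client: 192.0.2.20, server: dev.example.org, request: "GET / HTTP/1.1", host: "dev.example.org"
2024/05/01 10:00:01 [error] 811#811: *7 user "admin": password mismatch, client: 203.0.113.9, server: dev.example.org, request: "GET / HTTP/1.1", host: "dev.example.org"
2024/05/01 10:00:03 [error] 811#811: *7 user "admin": password mismatch, client: 203.0.113.9, server: dev.example.org, request: "GET / HTTP/1.1", host: "dev.example.org"
2024/05/01 10:00:05 [error] 811#811: *8 user "root" was not found in "/etc/nginx/.htpasswd", client: 198.51.100.4, server: dev.example.org, request: "GET / HTTP/1.1", host: "dev.example.org"
2024/05/01 10:00:07 [error] 811#811: *7 user "admin": password mismatch, client: 203.0.113.9, server: dev.example.org, request: "GET / HTTP/1.1", host: "dev.example.org"
2024/05/01 10:01:00 [error] 811#811: *9 open() "/var/www/dev/favicon.ico" failed (2: No such file or directory), client: 203.0.113.9, server: dev.example.org, request: "GET /favicon.ico HTTP/1.1", host: "dev.example.org"
"""

# Matches both failure kinds: wrong password and unknown user name.
FAIL_RE = re.compile(
    r'^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \[error\] .*?'
    r'user "(?P<user>[^"]*)"(?:: password mismatch| was not found in "[^"]*")'
    r', client: (?P<ip>[0-9a-fA-F.:]+),'
)


def find_offenders(log_text, max_retry=3, find_time=timedelta(minutes=10)):
    """Return {ip: timestamp of the failure that reached max_retry within find_time}."""
    recent = defaultdict(deque)  # ip -> failure times still inside the window
    offenders = {}
    for line in log_text.splitlines():
        m = FAIL_RE.match(line)
        if not m:
            continue  # not an authentication failure
        ts = datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S")
        window = recent[m["ip"]]
        window.append(ts)
        # Forget failures older than the sliding window.
        while ts - window[0] > find_time:
            window.popleft()
        if len(window) >= max_retry and m["ip"] not in offenders:
            offenders[m["ip"]] = ts
    return offenders


if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"{ip} reached the failure threshold at {when}")
```

With the defaults only 203.0.113.9 is reported; 192.0.2.20 makes the same number of attempts but spaces them 15 minutes apart, so a guesser slower than the window is never counted.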