Setup internal websites - accessible only via VPN

I have a single Linode server with 2 websites running - one is public (production) & the other is internal (dev).

I don't want the dev one to be accessible to the public. I want it to be accessible only when connected to VPN. So I installed OpenVPNAS and did "no" configuration. I am sticking to the default config.

What I did now is set the DNS record for the dev to point to the Linode's private IP so that it can be accessed only when I am connected to the VPN. The OpenVPN is installed on the same server.

Now my concern is - anyone who has a VPN setup in the same Linode data center might be able to access my internal website. How do I avoid this? I am zero to VPN config, so I would like some advice on it.

Thanks in advance.

1 Reply

I managed to fix it partially by changing the DNS for the dev to point to the VPN IP. So no one can connect without being on the VPN network.

Now I have another problem. I use RunCloud to configure nginx, which means that if someone were to update their hosts file to point the dev domain to the public IP of the Linode, he would still be able to access the page. I changed the nginx config to serve only to the VPN's IP but it isn't working. This is the config:

```nginx
server {
    listen 172.27.224.1:80;
    include /etc/nginx-rc/conf.d/mllm-staging.d/main.conf;

    # Redirect request to https
    if ($scheme = http) {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 172.27.224.1:443 ssl http2;
```

Is my config wrong?
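
An added example, not part of the original post and not RunCloud-generated config: a dev vhost bound to the VPN address from the post, with a source-address allow list as a second check. The hostname, certificate paths, web root and the 172.27.224.0/20 client subnet are assumptions to replace with your own values.

```nginx
# Dev vhost reachable only on the VPN-side address (172.27.224.1 is from the post).
# Assumed placeholders: dev.example.com, the certificate paths, the web root,
# and 172.27.224.0/20 as the VPN client subnet.

# Plain HTTP on the VPN address: redirect only, no "if" needed.
server {
    listen 172.27.224.1:80;
    server_name dev.example.com;
    return 301 https://$host$request_uri;
}

server {
    # Every "listen" in this block, including any pulled in through an
    # "include", adds a socket. One wildcard listen (80, *:443, [::]:443)
    # makes the site answer on the public address again.
    listen 172.27.224.1:443 ssl http2;
    server_name dev.example.com;

    ssl_certificate     /etc/ssl/example/dev.example.com.crt;  # placeholder
    ssl_certificate_key /etc/ssl/example/dev.example.com.key;  # placeholder

    # Second check, independent of the bind address: accept only clients
    # whose source address is inside the VPN subnet.
    allow 172.27.224.0/20;
    deny  all;

    root /var/www/dev.example.com/public;  # placeholder
}

# nginx can bind 172.27.224.1 only while the VPN interface holds that address,
# so it has to start after the VPN service is up; otherwise the bind fails
# and this configuration is not loaded.
# A request sent to the public IP with "Host: dev.example.com" never reaches
# the blocks above; it is answered by the default server of the public listener.
```

`nginx -t` validates the files before a reload, and `nginx -T` prints the merged configuration, which shows every `listen` that the included files contribute.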
