How do you install the web service management screen?
In my case, I prepared a URL for the administration screen called admin.example.com in the subdomain and
You can apply BASIC authentication to allow connections only from your IP address.
I didn't know that at all before, so I could see it when I hit the IP of the server live.
These are not mentioned in program tutorials, etc.
I can't help but wonder how it would be ideal to install it.
I would like to know what you think.
security
In the same way, I often prepare a subdomen called admin.example.com and a management screen.
In addition, if you have Basic authentication + IP restrictions, it seems to be secure, but it's not very good to be able to access admin.example.com over a public network.
It must be common sense that various crawlers have already sent requests to search for similar management screens, such as admin.example.com, db.example.com, or www.example.com/admin.
So creating a state where you can access the management screen using a subdomain is like telling them that the management screen of this site is here!(Still admin.example.com is useful.)
I don't know much about it, but isn't it common sense to build a private network and take security measures at the infrastructure level, such as accessing it through a treadmill server?
First of all, I told you that I also have a management screen with a sub-domen called admin.example.com, but I am not at all relieved that I can operate it with confidence in the way it is built.
The method that the questioner is doing is a common method, and I don't think it's particularly bad.
If the network configuration allows, it would be better to make it inaccessible via the Internet in the first place (i.e., not having a global IP address) and only accessible via VPNs, but there are many environments where this is not possible.
© 2024 OneMinuteCode. All rights reserved.