How does one secure use of the admin area for any web application?
Our Rails Content management systems serves pages openly. I must result in the after sales (/admin) inaccessible using either the webserver(apache) or firewall(netfilter).
Could this be achieved utilizing an SSL certificate? I must limit use of the after sales to simply individuals whose possess the "key", much like SSH use of a server.
Thanks ahead of time.
Avoid using the firewall, you'll just complicate your implementation. The "correct" approach is by using .htaccess or setup authorisation in Apache Directory configuration.
It may sound as if you want SSLRequire
SSLVerifyClient none <Directory /usr/local/apache/htdocs/secure/area> SSLVerifyClient require SSLVerifyDepth 5 SSLCACertificateFile conf/ssl.crt/ca.crt SSLCACertificatePath conf/ssl.crt SSLOptions +FakeBasicAuth SSLRequireSSL AuthName "Snake Oil Authentication" AuthType Basic AuthUserFile /usr/local/apache/conf/httpd.passwd require valid-user </Directory>
You are absolutely right that the SSL cert is what you want. And it is not necessarily everything tricky to setup, climax rarely done.
You need to keep in mind that this issue has two components. The very first is, "how do you obtain the darn factor working whatsoever," and, this as being a home security system, the second reason is, "how do you arrange it to ensure that I am unlikely to accidently make a move that borks my security?"
The very first factor I recommend would be to write another Rails application for that admin stuff, and run it having a different web server on the different port. (If you want to prevent placing a port number within the URL for that admin site, make use of a proxy before both web servers that utilizes the
Host: header to redirect demands to for
foo.com to 1 server, and
admin.foo.com towards the other.) This separation can help make sure that you don't accidently give regular customers use of admin functionality, making the SSL setup simpler.
For that admin server, arrange it for SSL access only. Produce a new signing cert, and permit only certificates signed through the signing cert for connecting. (This really is web-server dependent if you actually need particulars regarding how to do that, you most likely wish to publish a brand new question giving the more knowledge about the server and configuration you are using.) You are able to setup a webpage (around the non-SSL site, or on the page accessable to non-authenticated customers around the SSL site) which will have your admins' browsers instantly generate and upload certificates that you could sign that will provide them with access.
Keep copies of all of the certs you sign to ensure that if you want to revoke access, you are able to put that cert within the cancellation list.