I've deployed a VPS server on digitalocean to give node.js and applications like Ghost a try. Meanwhile, I want to use the droplet as a personal VPN as well. Would it be OK to run an OpenVpn service on a droplet which has a live website and a domain pointed to it? (Mainly, in terms of security of both services)
Asked
Active
Viewed 372 times
1 Answers
1
I don't know what a droplet is, but there is no significant security risk to running OpenVPN and a live website off the same system - although you might have routing issues for VPN users, and, of-course, if the VPN is used to hide your ass and is then pulled as a result, down goes the web server.
davidgo
- 68,623
- 13
- 106
- 163
-
thank you for the reply, would you mind sharing the routing issue that I might face? – cinnaroll45 May 12 '16 at 08:52
-
1Its a bit had to comment in general terms - some possibilities include if that traffic from your vpn client to the server would not go through the VPN link to connect to the box, while all other traffic probably would (because of the default gateway being the VPN endpoint, but a static route is needed to the box so the VPN endpoint can be reached). Depending on the Web configuration and DNS, if you do send web traffic to the internal interface for your host (eg using hosts file or split DNS) you need to ensure the web server is bound to answer on all addresses, not the external address. – davidgo May 12 '16 at 09:24
-
1In other words, it should work OK if you are not trying to reach your website across the VPN, but you will have problems if you need to encrypt your traffic to the website using the VPN. – davidgo May 12 '16 at 09:25