Can you forward me to some page where i can read more about this as well as how to protect myself?
Thank you once again.
Can you forward me to some page where i can read more about this as well as how to protect myself?
Thank you once again.
Nobody (ok, Cloudflare and Google have some) has certificates with ip addresses.
Query the ip address of this forum or from Letsencrypt, use the ip address in your browser - you see the same.
Don't use ip addresses in browsers. If you do, you should know what you are doing.
PS: But it's helpful to check the ip to see, if the domain works without SNI. That's the reason I've added an ip check in my tool.
Simply... no, you should not. You can only get a LE certificate for a publicly reachable domain name. LE certificates are not available for IP addresses.
Because there is no certificate for that "name" (the IP).
And using an IP in a certificate is not a very good way to secure a server connection.
Your server already has certs.
You could use one of them instead in your "control connection".
Something more like:
https://prominenthair.hr/phpmyadmin
Or even better yet:
https://prominenthair.hr/anything-else-not-phpmyadmin
Like (nothing used before):
https://prominenthair.hr/HowToAdmin
https://prominenthair.hr/AdminForME
https://prominenthair.hr/XYZ12345
You should also require authenticated access (if not already doing that).
And you might want to also restrict the access to that ADMIN folder/URL to a specific IP or set of IPs/network(s).
[if you know your source IP(s) and can work with limiting yourself to just those few IPs or networks]
That would change your current access FROM:
An IP everyone on the Internet can reach.
A URL path that extremely common and access to it is in every script kiddie's arsenal.
And an insecure certificate that can be easily spoofed.
TO:
Still an IP everyone on the Internet can (try to) reach. [But leads to nothing]
A URL path that can't easily be guessed [and isn't in anyone's attack scripts]
And a certificate that is trusted and can't be spoofed.
Hopefully this all was worth the read and you've learned something along the way
If you need any help implementing anything I've mentioned above, you can easily search the web for clues and ideas or just shoot me message.
Not even 1/3 the way through these posts and I realized you were giving @morlovac an "education." I believe Mario's learned a lot.
Thanks a lot people, especially to rg305 and thank you for your patience.
@JimmPas Yes, a proper education and yes, I’ve learned a lot
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.