Rails Secure Login with Open VPN

Question

I have a website running on a Linode server, so far so good. This website has an auth system built on top of devise. Users can login, do their stuff and be happy.

For the admin area (still programming) I want to have a secure VPN connection to access the data, because the admins will have access to all kinds of information from the users. I was thinking about a direct connection between their computers to the website.

The problem is that I didn't found a way to integrate VPN in a rails application and I don't have a clue of how this works outside a rails app.

Please, I really need to get this done.

Answer 1

OpenVPN is a setup that needs to be done on the server, and has got nothing to do with Rails. AFAIK you cant restrict a part of the web-app to be accessible only over VPN, unless ofcourse, you have a different web-app for such admin area, bind it/run it on a different IP, which is accessible only through VPNs like these.

An ideal setup would be.

x.x.x.x:80 - Public Web-App used by Users.

y.y.y.y:MNOP - Private Secure Web-App used by Admins

VPN access to y.y.y.y network over secure SSL Tunnel using Open VPN.

Refer: https://openvpn.net/index.php/open-source/documentation/howto.html to know how to setup VPN. Or else, there are lots of tutorials out there to help you out.