Cookie Consent by Free Privacy Policy Generator ๐Ÿ“Œ Staging Environments for WordPress Sites on GCP

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security



๐Ÿ“š Staging Environments for WordPress Sites on GCP


๐Ÿ’ก Newskategorie: IT Security Nachrichten
๐Ÿ”— Quelle: twingate.com


If you are a web developer working with clients, running your own business website, or simply hosting your personal blog, you likely want to have a way for you or your customers to privately preview changes before they are made public. With Twingate Starter, you can easily create a private staging environment that is completely inaccessible from the public internet but still shareable with collaborators or clients โ€” all without setting up a VPN, port forwarding, static IP addresses, or configuring DDNS.

In this guide, weโ€™ll walk through how to set things up on Google Cloud Platform (GCP) for WordPress, but the same general steps also work if you use other solutions like AWS, Digital Ocean, or Linode. As the video tutorial below shows, the entire process takes under 3 minutes. Weโ€™ll walk through each step in the sections below.

? Full 3 minute video tutorial:

Video tutorial: How to set up remote access to a private staging environment on GCP using Twingate in <3 minutes
Video tutorial: How to set up remote access to a private staging environment on GCP using Twingate in <3 minutes

Please also join us in our community forum to share and discuss your experience and any other use cases youโ€™ve discovered!

Prerequisites

GCP comes with pre-configured instances of WordPress to make it really fast to start building a website, and it has a free tier and free credits to get up and running with no cost. Please follow the short video tutorial below to deploy WordPress on GCP if you donโ€™t already have it set up. Choose the GCP zone and machine configuration that is appropriate for you. As part of the deployment configuration, we can safely remove the external IP and deny HTTP/HTTPS traffic from the Internet. In the rest of this guide, weโ€™ll show you how to use Twingate to grant yourself (or any other trusted party) secure, private access to your instance via just the Private IP address.

? Video tutorial:

Video tutorial: How to deploy WordPress on GCP
Video tutorial: How to deploy WordPress on GCP

Sign up for Twingate

Twingate Starter is a new free plan that is designed for home and personal use. If you donโ€™t have an account already, please click here and follow the simple steps to sign up for a Starter account and begin the initial setup. Once you have an account, there are 5 simple steps to get up and running.

1. Create a Remote Network

After creating a Twingate account, from the main โ€œNetworkโ€ page, add a new Remote Network and give it a name. This represents the network weโ€™re going to connect to โ€” in this case, that would be GCP.

? Video tutorial:

Video tutorial: How to create a Remote Network for GCP on Twingate
Video tutorial: How to create a Remote Network for GCP on Twingate

2. Add a Connector

The next step is to deploy a Twingate Connector, which is a piece of software that allows for secure access to your remote network and the services running on it. In addition to Lightsail, it can also be deployed to other cloud instances (AWS, Azure, etc.) as well as your home devices, including Synology NAS and Raspberry Pi.

Generate Connector tokens

In this case, weโ€™ll set it up on GCP. Click on one of the automatically generated Connectors (the names are random) and complete the following steps:

  1. Click on Linux as the deployment method
  2. Generate tokens. Youโ€™ll be prompted to sign in again, after which you should see two new tokens.
  3. Copy the automatically generated shell command. You will soon run this command on your Lightsail instance to install the Connector there.

? Video tutorial:

Video tutorial: How to generate Connector tokens and deploy via Linux
Video tutorial: How to generate Connector tokens and deploy via Linux

Deploy the Connector on the Remote Network

In GCP, create a new VM instance where weโ€™ll deploy the Twingate Connector.

  • We suggest giving the VM instance the same name as the Connector for easy association
  • Choose the Region, Zone, and Machine configuration thatโ€™s appropriate for you (some configurations can be free)
  • Expand the โ€œNetworking, Disks, Security, โ€ฆโ€ section at the bottom, then expand the โ€œManagementโ€ section. Inside the โ€œAutomationโ€ textbox, paste in the command that was generated earlier. This will ensure that the Twingate Connector automatically installs and runs when you boot up your VM instance.

? Video tutorial:

Video tutorial: How to deploy a Connector on a GCP VM
Video tutorial: How to deploy a Connector on a GCP VM

After just a minute or so, the instance should be up and running, and you can check the logs to verify that the Connector was successfully deployed. You should also see within the Twingate admin console that the Connector status has turned green.

? Video tutorial:

Video tutorial: How to verify that the Connector has successfully deployed on a GCP VM instance
Video tutorial: How to verify that the Connector has successfully deployed on a GCP VM instance

3. Add a Resource

Now that youโ€™ve deployed a Twingate Connector on GCP, you can get remote access to any other VM instance running on the same VPC network. Even though the WordPress instance has no external IP address and weโ€™ve denied all HTTP/HTTPS access, we can add it as a Twingate Resource and get secure access.

Go back to your Remote Network and click on the โ€œAdd Resourceโ€ link. In the popup, click on the โ€œCIDR Addressโ€ box, choose a Label name for the Resource, enter the private IP address of your WordPress VM instance, and click โ€œAdd Resourceโ€. Congrats! You now have secure, private access to your VM instance and can use it as a staging environment for your WordPress site.

? Video tutorial:

Video tutorial: How to add WordPress as a resource
Video tutorial: How to add WordPress as a resource

4. Download the Twingate client

All thatโ€™s left to do now is to install Twingate on your device (we support Windows, Mac, Linux and have apps for iOS and Android) to authenticate your account and authorize your access to the instance. As an example, letโ€™s walk through setting up the Twingate client on macOS.

First, download and install the macOS app here. Type in the Network URL that you chose when you signed up (the [abc] part of [abc].twingate.com) and click โ€œJoin Networkโ€. Youโ€™ll be asked to log in using the same account you used to sign up. After signing in, youโ€™ll see that Twingate is connected with access to the Resource you created. Click on โ€œOpen in Browserโ€ฆโ€ and you should see your WordPress site is accessible via the Private IP address of your GCP VM instance, even though it has no public IP address.

? Video tutorial:

Video tutorial: How to access your resource using the Twingate client
Video tutorial: How to access your resource using the Twingate client

Finally, disconnect from Twingate and try accessing the site again โ€” you should see that itโ€™s completely inaccessible.

Congrats! Youโ€™ve finished setting up Twingate for GCP and used it to create a staging environment for your WordPress site. Anything else that you deploy to the same VPC network (e.g., a web app, dashboard, database, etc.) can also be added as a Resource, and you would have a private staging environment for those as well, using the same Connector. Join us in the community forum to share how things went and what cool use cases youโ€™ve discovered!

5. Sharing is Caring

Do you want to share access to the WordPress site with a client, collaborator, or friend? You can easily do this from the Twingate web UI. Just go to the โ€œTeamโ€ tab and click โ€œInvite Userโ€ to send an email invitation. The recipient would simply follow the same steps to download the Twingate client, join your network, and get access to the WordPress site, or any other resource you set up!

Invite other users
Invite other users

...



๐Ÿ“Œ Staging Environments for WordPress Sites on GCP


๐Ÿ“ˆ 63.91 Punkte

๐Ÿ“Œ Shipt: Multiple Subdomain Takeovers: fly.staging.shipt.com, fly.us-west-2.staging.shipt.com, fly.us-east-1.staging.shipt.com


๐Ÿ“ˆ 53.53 Punkte

๐Ÿ“Œ Free & Easy Staging Environments for WordPress Sites on AWS


๐Ÿ“ˆ 44.63 Punkte

๐Ÿ“Œ GATOR - GCP Attack Toolkit For Offensive Research, A Tool Designed To Aid In Research And Exploiting Google Cloud Environments


๐Ÿ“ˆ 31.93 Punkte

๐Ÿ“Œ A botnet of over 20,000 WordPress sites is attacking other WordPress sites


๐Ÿ“ˆ 28.27 Punkte

๐Ÿ“Œ Infected WordPress Sites Are Attacking Other WordPress Sites


๐Ÿ“ˆ 28.27 Punkte

๐Ÿ“Œ Botnet of 20,000 WordPress Sites Infecting Other WordPress Sites


๐Ÿ“ˆ 28.27 Punkte

๐Ÿ“Œ Botnet of 20,000 WordPress Sites Infecting Other WordPress Sites


๐Ÿ“ˆ 28.27 Punkte

๐Ÿ“Œ Mastering Python Development Environments: A Comprehensive Guide to Virtual Environments


๐Ÿ“ˆ 25.32 Punkte

๐Ÿ“Œ CVE-2023-6113 | WP STAGING Backup Plugin on WordPress Backup Process information disclosure


๐Ÿ“ˆ 22.91 Punkte

๐Ÿ“Œ CVE-2023-7204 | WP STAGING Backup Plugin up to 3.1.x on WordPress access control


๐Ÿ“ˆ 22.91 Punkte

๐Ÿ“Œ WordPress Staging โ€“ unfallfrei entwickeln und testen


๐Ÿ“ˆ 22.91 Punkte

๐Ÿ“Œ CVE-2022-2863 | Migration, Backup, Staging Plugin up to 0.9.75 on WordPress path traversal (ID 168616)


๐Ÿ“ˆ 22.91 Punkte

๐Ÿ“Œ CVE-2022-2737 | WP STAGING Plugin up to 2.9.17 on WordPress cross site scripting


๐Ÿ“ˆ 22.91 Punkte

๐Ÿ“Œ SAP will Datentreuhรคnder bei GCP werden


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ USN-3443-3: Linux kernel (GCP) vulnerability


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ GTXiLib, MongoDB Atlas on GCP, Chrome 66 Beta & More! - TL;DR 105


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ USN-3468-3: Linux kernel (GCP) vulnerabilities


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ USN-3484-3: Linux kernel (GCP) vulnerability


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ Google I/O 2018, Learning Representations ML Conf, & more from the GCP! - TL;DR 110


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ .app from Google Registry, Firebase at WWDC, & GCP updates for app developers - TL;DR 112


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ USN-3507-2: Linux kernel (GCP) vulnerabilities


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ Google Updates Cloud Firestore NoSQL Database Beta for GCP


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ Actions on Google, Kotlin momentum for Android, GCP Asset Inventory, & Gmail Delegation


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ So I wanted to print to my GCP (Brother HL series) from not only my Chromebook, but from my Linux Mint laptop. WTF?


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ Cloud Data Exfiltration via GCP Storage Buckets and How to Prevent It


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ Ask /r/linux: How do you secure and harden your Linux bastion hosts in the public cloud (AWS, GCP, Azure, DO, Linode etc)?


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ New Google Play Console Data, GCP Database Options, Chrome 76, & more!


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ รœber 34 Mio. Schwachstellen in AWS, Azure und GCP


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ Persistent GCP backdoors with Googleโ€™s Cloud Shell


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ Security features on Google Cloud Platform (GCP)


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ Android NDK r21, Security Health Analytics for GCP, Bazel 1.0


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ Google Cloud Platform (GCP) Security Best Practices


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ GUI Linux on GCP/AWS/Azure


๐Ÿ“ˆ 19.27 Punkte

๐Ÿ“Œ Hashicorp Vault GCP IAM Integration Authentication Bypass


๐Ÿ“ˆ 19.27 Punkte











matomo