๐ Free & Easy Staging Environments for WordPress Sites on AWS
๐ก Newskategorie: IT Security Nachrichten
๐ Quelle: twingate.com
If you are a web developer working with clients, running your own business website, or simply hosting your personal blog, you likely want to have a way for you or your customers to privately preview changes before they are made public. With Twingate Starter, you can easily create a private staging environment that is completely inaccessible from the public internet but still shareable with collaborators or clients โ all without setting up a VPN, port forwarding, static IP addresses, or configuring DDNS.
In this guide, weโll walk through how to set things up on WordPress running on Amazon Lightsail, but the same general steps also work if you use other solutions like AWS EC2, Digital Ocean, or Linode. Please also join us in our community forum to share and discuss your experience and any other use cases youโve discovered!
Prerequisites
Amazon Lightsail is an easy way to get up and running on AWS and comes with pre-configured instances of WordPress to make it really fast to start building a website, and it is free for the first 3 months. Please follow the short guide here to create an instance if you donโt already have one.
Restrict access to your Lightsail instance
After the quick setup, you (or anyone else) are now able to access your WordPress site via the Public IP address associated with your Lightsail instance. Since we want to restrict access to our staging environment, we can go to the โNetworkingโ tab and remove the HTTP/HTTPS access rules under the โIPv4 Firewallโ section.
If you try the Public IP address again, you should find that itโs no longer accessible.
In the rest of this guide, weโll show you how to use Twingate to grant yourself (or any other trusted party) secure, private access to your instance via just the Private IP address.
Sign up for Twingate
Twingate Starter is a new free plan that is designed for home and personal use. If you donโt have an account already, please click here and follow the simple steps to sign up for a Starter account and begin the initial setup.
Create a Remote Network
After creating a Twingate account, from the main โNetworkโ page, add a new Remote Network and give it a name. This represents the network weโre going to connect to โ in this case, our Lightsail instance.
Add a Connector
The next step is to deploy a Twingate Connector, which is a piece of software that allows for secure access to your remote network and the services running on it. In addition to Lightsail, it can also be deployed to other cloud instances (AWS EC2, GCP, Azure, etc.) as well as your home devices, including:
In this case, weโll set it up on our Lightsail instance. Click on one of the automatically generated Connectors (the names are random) and complete the following steps:
- Click on Linux as the deployment method
- Generate tokens. Youโll be prompted to sign in again, after which you should see two new tokens.
- Copy the automatically generated shell command. You will soon run this command on your Lightsail instance to install the Connector there.
Go to your Lightsail instance, and under the โConnectโ tab, click the โConnect using SSHโ button.
This will open up a new window with a Linux terminal connected to your instance. Paste in and execute the command that was generated by your Twingate Connector (your tokens and Twingate URL will be different).
After just a minute or so, the command should complete and you should see that the Connector status has turned green, indicating that youโve successfully deployed the Connector on your Lightsail instance.
Add a Resource
Go back to your Remote Network and click on the โAdd Resourceโ link. Youโll see a popup like the one below. Click on the โCIDR Addressโ box, choose a Label name for the Resource, enter the private IP address of your Lightsail instance thatโs displayed in the โNetworkingโ tab of your Lightsail console, and click โAdd Resourceโ. Congrats! You now have secure, private access to you Lightsail instance and can use it as a staging environment for your WordPress site.
Download the Twingate client
All thatโs left to do now is to install Twingate on your device (we support Windows, Mac, Linux and have apps for iOS and Android) to authenticate your account and authorize your access to the instance. As an example, letโs walk through setting up the Twingate client on macOS.
First, download and install the macOS app here. Type in the Network URL that you chose when you signed up (the [abc]
part of [abc].twingate.com
) and click โJoin Networkโ. Youโll be asked to log in using the same account you used to sign up. After signing in, youโll see that Twingate is connected with access to the Resource you created.
Click on โOpen in Browserโฆโ and you should see your WordPress site is accessible via the Private IP address of your Lightsail instance, even though itโs not accessible via the Public IP address.
Finally, disconnect from Twingate and try accessing the site again โ you should see that itโs inaccessible via both the Private and Public IP addresses.
Congrats! Youโve finished setting up Twingate for your Lightsail instance and used it to create a staging environment for your WordPress site. If you run anything else on your instance like a web app, you now have a private staging environment for those as well. Join us in the community forum to share how things went and what cool use cases youโve discovered!
Sharing is Caring
Do you want to share access to the WordPress site with a client, collaborator, or friend? You can easily do this from the Twingate web UI. Just go to the โTeamโ tab and click โInvite Userโ to send an email invitation. The recipient would simply follow the same steps to download the Twingate client, join your network, and get access to the WordPress site, or any other resource you set up!
...