Billing System via OpenVPN access.

[ImUge]

Hello Guys,

I need your expert advise and suggestion regarding my plan.
I'm planning to use Blesta for my services and install it to a VPS.

However, this is not accessible online without accessing the VPN server.

Ok I will explain further...

1. Customer cannot access the billing system via normal browsing (e.g. http://billing.domain.com) - Access has to be forbidden.

2. Client will be given a VPN access then that is the online time that he can access the site directly from the server.

Its like the server is only allowing 1-static IP to browse the site then the rest are blocked. We are doing this in my previous company. I can access the CMS normally when I'm at the office but if I'm working from home or other location. I need to use OpenVPN then use my network userid and password before I can browse the site.

I'm planning to do this with my billing system since I find this more secured and I have more control in terms of client information.

My only concern is the hassle of asking my client to install OpenVPN to gain access on the server. Do you have any other suggestions?

Thank you in advance.

 

[ImUge]

I'm not the one who setup the VPN in my previous company but I'm reviewing now the OpenVPN website for solutions. But please let me know your recommendations. Thanks

 

[webhostingcs]

Hello,

I presume in your previous company the CMS is either in your office (network) that is why it is accessible freely, then when you're at home you need to install vpn client to connect. (which has both VPN Server and Firewall to control routes / filter).

In that case (VPS) you will have to setup a lof of things not just the VPN Server but also the firewall to route it accordingly same as with your office.

I suggest that why don'y you just password protect your billing domain (billing.domain.com) use htaccess. (so it will have 2 login user/pass).

I think your client will be a bit hesitant to install vpn clients, and also this adds extra support on your end if they cannot access the billing page.

Thanks!

 

[HostOX]

I think honestly this would put me off purchasing anything from a company who does that.

Why not just use it for staff rather than clients.

 

[CloudSolutions]

I think honestly this would put me off purchasing anything from a company who does that.

Why not just use it for staff rather than clients.

Would be reasonable doing so for crew however for clients it may become a major hassle. True.

 

[webhostingcs]

Hello,

I think you need to use a secure billing system like the ones being used already in the market today like WHMCS and ClientExec, by this even if you will not use VPN for your clients you are sure enough that you're safe.

And also WHMCS and ClientExec create patches very fast so no need to worry if there is a security issue's found plus a lot of users to help you also.

Thanks!