How to transition from a local Django development server to a restricted public test server?

django web-server web-hosting

One possible idea is to give testers client-side X509 certificates.

  • A person enters their certificate and private key into their browser. In my Firefox it's in Preferences -> Privacy -> scroll to the very bottom -> View Certificates -> tab Your Certificates -> Import
  • Your end of SSL/TLS connection (nginx reverse proxy, haproxy, apache, etc) although listens on a public 443 port, is configured not only to serve the usual server-side certificate, but also to require a successful verification of a client-side certificate (you configure to only accept tester's certificates obviously).
  • These are advanced SSL/TLS options on your end, so for example AWS ALB implementation of https is insufficient.
  • Only https usage can be authorized this way, not plaintext http.
  • This doesn't impact contents of http GET/POST/cookie at all, therefore it doesn't impact authentication schemes at these levels.
  • Unauthorized browsers display an SSL/TLS error - they cannot pass any GET/POST whatsoever.

Related

How to restore mail flow after Office 365 mailbox user was automatically restricted?
apache Proxy 4 seconds connection delay
Is there a single point-of-reference that lists the release dates for the Live Communications Server (and other related client/server applications) [closed]
Can SCCM or WSUS actively initiate a new TCP connection to the client?
No sound on Ubuntu 20.04 [duplicate]
Ubuntu 18.04: How to create a persistent dummy network interface
Reinstall software-center in Ubuntu 16.04
Ubuntu 12.04 touch-pad and keyboard problems asus q500a
pip upgrade not working
How can I load the `vsftpd` daemon at system-boot, but have it "start" in a "stopped" state?
How to remove duplicate imagemagick icons
PPTP VPN missing in "connection type dialogue" in Ubuntu 16.04