Mutual Authentication self-signed certificates to individually control user access to a private website


#1

Please forgive me if I use some inaccurate terminology as I am not intimately familiar with key pairs and certificates. I was wondering if there is a way to generate a self-signed certificate and have some sort of pair of keys where I manually install one of those keys on a web browser, the other key on my website, and then only that one web browser can access my website.

I’m trying to run a personal website that is intended only for use by my own family, and I’m exploring various ways to secure it so that the public cannot see it. In the past I approached the problem with a couple of layers, the first layer being an htaccess file that allows access only from my home IP address, and the second layer requiring a sign-on to the web platform I’m running, for example WordPress or MediaWiki. I don’t have a problem locking down the app by username and password, and it’s pretty easy for me to lock down the htaccess file. My home IP address is not static, although it has been the same address for a very long time, but this solution does not allow accessing the websites from cell phones while on the go without creating a VPN back home.

So, I was wondering if there is a way to encrypt the traffic to the website and make it so that I can only decrypt/access my website using a certificate that I have manually installed on a browser that I’m using to access my site. I would then plan to manually install the certificate key on every device that I would allow to access my site, and no other device would successfully access my site. Has anyone heard of something like this or could point me in the direction on how to configure something like this?

For further security, should I somehow encrypt the connection between the MySQL database and the Apache server? I’m on the shared hosting plan, not the dedicated server plan.

Thanks!


#2

Bump. Could anyone point me in a direction, please? Thank you!