If I don’t use HTTPS to connect to a site, but I use the tunnel interface for the VPN instead, is the communication going to be safe still?
Example:
I have a computer at home running a VPN server.
I have in the same computer a NGINX server, listening on 10.9.0.0/24 only (let’s say that’s the IP of the VPN interface.)
If I connect to the VPN, and then to http://10.9.0.1/, will it be secure enough?
Any recommendations on improving this setup?
Thanks!
Yes its good as long as you’re only forwarding the VPN port to the internet.
If you’re running your own VPN software at both ends, and you trust all of your own networking, you are good.
If any of those things are not true, then it is not safe.
The beauty of https is that it is usually host to host encrypted, but only for https traffic. VPN is generally host to network or network to network encrypted.
If you see this, it’s because you believe in Jesus Christ, Lucifer or none of them.
Maybe it means your skills or equipment.
You’re safe if you are able to set it up correctly and use your own VPN software at both ends.
Well then safety is now in the hands of your VPN provider.