Access WP site in Staging Env via ssh tunnel

disc · July 3, 2020, 12:29pm

Hi all,

I’ve set up and provisioned 2 servers, one for staging and another one for production environment. I’ve also ran the deploy script for the staging environment.

Now, I’m trying to access my site via ssh tunnel:

$ ssh -L4545:localhost:80 -p 22 admin@<server-IP>

but when I visit: http://localhost:4545 there is nothing ( “This page isn’t working”).

Nginx seems to be working:

# netstat -tulpn | grep --color :80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      22853/nginx: master 
tcp6       0      0 :::80                   :::*                    LISTEN      22853/nginx: master 

# netstat -tulpn | grep --color :443
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      22853/nginx: master 
tcp6       0      0 :::443                  :::*                    LISTEN      22853/nginx: master

Any idea why it doesn’t work? How can I access my WP site via ssh tunnel?

How is Trellis handling the staging environment? I mean, shouldn’t it be somehow protected by default and not open to the public?

Do I have to use “Bedrock Site protect” in order to protect it?

strarsis · July 3, 2020, 2:04pm

Why are you using a tunnel in the first place for staging?
Staging should be as close as possible to the production environment,
including HTTP/HTTPS ports and setup.
Wouldn’t it be a better approach to just password protect the whole server or sites individual (e.g. an “Under construction”/“Coming soon” plugin)?

disc · July 3, 2020, 2:16pm

Thanks for the response!

Why are you using a tunnel in the first place for staging?
Staging should be as close as possible to the production environment,
including HTTP/HTTPS ports and setup.

I don’t want to have the staging env open to the public. I just uploaded to staging.mysite.com and it’s open…Why? I don’t want that.

Wouldn’t it be a better approach to just password protect the whole server

Do you mean with “Bedrock Site protect” or is there something else?

swalkinshaw · July 3, 2020, 3:16pm

In my experience it’s been common to add HTTP basic auth to staging sites. You could use the Nginx includes feature to define basic auth.

You can search the forums for some other solutions to basic auth:

https://discourse.roots.io/t/role-add-basic-authentication-to-your-bedrock-sites/3742

disc · July 3, 2020, 3:35pm

Thanks for the response!

I’ve just added the “Bedrock Site protect” role and it worked fine. Hopefully this method is secure enough.

system · August 14, 2020, 12:29pm

This topic was automatically closed after 42 days. New replies are no longer allowed.