Security

Thanks to Google Cloud Platform's free tier and $300 credit, I have been spending more time building on GCP. As I start to call GCP home, it's time to dress it up. My objectives are as follows:

  1. Setup a web-based configuration tool. I lived through the command-line era of MS DOS in the 80s and 90s but like most people, have long gotten used to the point-and-click interface. This will help me get productive again. Webmin is free and received a nice face-lift recently.
  2. Give my VM its own domain name - GoDaddy sells them cheap for the first year. 
  3. Do SSL.

Webmin

SSH into your VM. Edit your source list:

Can a $5-a-month virtual server run an OAuth2 Server? My virtual server has been my testbed for many IoT projects that make Web API calls to the web services that I have developed. None of these were as secure as I want them to be because I have never gone around implementing an OAuth2 server. Instead, I had mostly depended on POST with username and password to authenticate a user. This is not optimum and definitely not elegant. How do I even sleep at night!?

My $5-a-month virtual server runs PHP and MySQL, so I set out to find out if a PHP implementation of an OAuth2 server will allow me to authenticate my Web API calls. B. Shaffer's OAuth2 PHP Library is what I used: https://bshaffer.github.io/oauth2-server-php-docs/, and this is a documentation of how I did it.

What I Did