Landing page review - security for admin pages
I'm launching a micro-saas that helps small and big teams secure their admin pages. Apart from just renaming the pages, my proposal is to introduce another level of security through an easy to use hosted VPN, configurable authentication pages with additional security features such as OTP by default. All this should be possible in under 5 mins and you are set. Teams can monitor access to the pages and get session metrics, attempts reports, etc. Since the request is through a VPN, data is therefore encrypted.
Please let me know if the landing page communicates well the idea and value proposition.
Here is the link: https://junopass.com/
Trending on Indie Hackers
This is an interesting service Felix.
So can I assume that the plugin adds some kind of IP-only restriction to the admin page and only lets requests coming through Junopass to be let through? So say I'd have a client on Wordpress, we get Junopass installed, and they have to go through Junopass first to authenticate with a Junopass account, then they'll be able to login to the Wordpress site? If that's the case, is the VPN thing an OS-level VPN that the user would then have to manually disable after use?
I guess those details might matter for a potential buyer.
Hi @pascallaliberte,
Thank you for checking it out.
JunoPass implements IP-only restriction to the admin page through the plugin. To log in to the admin page, the user login to JunoPass and start a session (which is a VPN session + our service monitoring session). This session will sync with the plugin on the user site and assign an IP. Connections to the site will be limited to the assigned IP. IPs are assigned in round robin manner with also options of dedicated IPs.
If the business wants to enable advanced security features such as OTP, Access Logs /monitoring, session timeouts due to inactivity, etc, all that is done from our dashboard. And when the session is initiated, the plugin installed at the site should be able to load the user preferences.
The VPN is not OS-level, but I'm interested to hear if that is a preferred method and why. Our current approach is to make it easy for the user to get started without too much hustle and configuration. Your feedback is highly welcomed.
Thanks once again and feel free to contact me in case of any query. Let's keep in touch.
I don't think the VPN needs to be OS-level in fact, I was just curious. That's smart how you have a listener and you whitelist the admin's IP address on the Wordpress site at the time of a new Junopass session.
Good luck!
Thank you very much for your input.
Good luck in your endeavors too.