I did experience when my “naughty” ISP inject a javascript to a web page when the site is not using https. That script intended to track, and maybe steal some cookies (I’m not sure, since they can get anything).
And another story also when I did use public wifi when I work in a cafe/coworking space, and I got SSL warning that there is man-in-the-middle try to intercept my connection, and said the SSL certificate is not valid. I was shocked that it is not hard for a sysadmin to intercept our connection when they have access to the router.
The solution to this issue is encrypt your connection with VPN (Virtual Private Network), it’s adding an extra security layer of your connection, and it’s proven to avoid man-in-the-middle attack.
Requirements
- A VPS server, I recommend to use Vultr or Digitalocean. They both have $5/mo plan. Choose Ubuntu, Debian or Centos.
- Knowledge how to use Linux command line
Steps to install OpenVPN
- Get your Ubuntu, Debian or Centos ready and up
- SSH to your server with root access
- Run this script:
wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh
- Once it ends, you can run it again to add more users, remove some of them or even completely uninstall OpenVPN.
- Check if your openvpn is running and use UDP port 3833, run this script to check:
systemctl status openvpn.service
and to check the it using the correct port:netstat -plunt
- You will have ovpn file in your root home directory, download it to your local machine
- Congratulations now you have openvpn server running.
OpenVPN Client
- On Mac, I’m using TunnelBlick, it’s a free software for OpenVPN
- On Windows and LInux, you can use Pritunl Client, it’s free and open source
- On Android, You can use OpenVPN for Android
- On iOS, You can use OpenVPN Connect
Once you have the OpenVPN client setup, add your VPN setting just by using your ovpn key. You can test your connection just and if you are connected, test by visit this site whatismyipaddress.com
And that’s it, always secure your connection with VPN whole time.
