Is it possible to direct me to links that will guide me through this setup:
My openemr is up and running on local server onsite, hosted in VBox , with HTTPS from certificates generated by openemr.
My S3 static bucket for my website is up and running ( 5 $/month), my practice website that has no connection to my database on my local server is hosted there.
I want to establish the connection securely between the two for a patient portal and it seems that S3/Wordpress could be the ticket, but I need the blueprint or documentation on how to proceed.
I have seen this document: https://www.open-emr.org/wiki/index.php/Patient_Portal#Why_a_CMS_Portal.3F
And this:
But it is still vague unless no way around paying for openemr on AWS cloud which I am trying to avoid since I am tight on cash.
( realizing that traffic can kick my 5$ monthly bill to higher number).
Whilst awaiting an answer another relevant question, is the certificate generated from openemr used in HTTPS could be used in openvpn if I want to use this open source in creating the patient portal ?
Access to the patient portal is merely a web link, which you could post on your S3 static website. Since your Amazon S3 is a STATIC website, just a fancy billboard, it can’t support running programs on it.
Others with more technical knowledge may correct me if I’m mistaken.
Of course having a server exposed to the WWW means you need adequate security, which may be worth $9/mo to host it on Amazon.
The web addresses would be the same regardless of the server.
Does this help?
so it is dead , what is the alternative path other than hosting in the cloud, what my options are for onsite in-house hosted openemr, I do not have in my situation URL of a web site because my S3 bucket is for advertisement of the practice with no link to the database….
While we offer several AWS cloud deployments, you can also run OpenEMR from the Windows XAMPP package, a Docker container on Windows or Linux, manual deployment on a clean Linux system. or even launch it from a Raspberry Pi (or equivalent ARM device).
You’re running OpenEMR on a machine in-house.
In order to use the portal, the portal has to be accessible from the web, so it needs a domain address. Wherever that is needs web hosting, which you can do yourself on your machine in-house, or on Amazon.
If I have a DNS on my Ubuntu, and give my server a static name and static IP , lets say server.example.com to be able to have a client example.com, what is the best way to secure this DNS if I open ports in my VBox other than the only one I have now 443?
Yes, the domain is hosted on the S3 Bucket AWS, but it is only for ad and no connection to my server on my local machine. I thought if I can post the link on it for the portal, and the link takes me to ubuntu server.example.com to have the client example.com/portal . but security is my concern, I did follow the steps of security in the openemr wiki and removed the files I should remove, I hardened the apache and I have the SSL generated from openemr to the /home/openemr/.gnupg
But this is where I cannot go further with the portal, I need to open port and secure it for the DNS, and I cannot use the admin.12 for the client browser for https connection with the generated SSL ,so how can it proceed from here with patient portal.
I can’t answer your question.
It seems to me that if hosting your static site on your own domain on your own server is too difficult, then running OpenEMR on on your own server with just a fixed IP address will be even more difficult.
I don’t know how to do that.
Anyone else have any ideas?
So you’ll have to replace the SSL certificate on your VBOX machine w/ OpenEMR running apache with the SSL certificate for your domain. You could bypass this by using a proxy but you’ll have SSL termination on each end of the proxy which is generally a security risk when dealing with PHI.
If this is something you aren’t familiar with (network security) I don’t recommend trying to hack it on your own if you fall under any kind of HITRUST/HIPAA regulation. Either use the cloud security packages or hire a vendor to help setup your network topology and SSL certificates if you are going to allow remote access to your patient portal.