[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 261
  • Last Modified:

Block access to URL

We need to build a web application that another company will use.  They will link to the site directly from their own intranet.  What I want to know is if there is a way that our web site can confirm that the user is coming from their intranet and not typing the url directly into a browser?  I am exploring this to see if there is a way to not let users access the site unless they are originating from their company intranet. (Only one company will be using the site.)  Thanks.
0
snyperj
Asked:
snyperj
  • 3
  • 2
2 Solutions
 
radnorCommented:
Can you block everyone except them via the .htaccess file?

http://www.javascriptkit.com/howto/htaccess5.shtml
0
 
shalomcCommented:
As far as your web site is concerned, their intranet is a network having very specific IP addresses.
Your web application, regardless of the technology involved, can be configured to accept incoming requests only from the allowed IP.
Check with your customer's IT and networking people what is their IP.
The actual implementation you have to do depends on your environment: IIS? Apache? virtual hosting?


ShalomC
0
 
snyperjAuthor Commented:
Thanks for the info.  Our web server uses IIS, in a nutshell, what will that mean for implementation?  (I won't be doing the work but would like to be able to speak "somewhat" intelligently in meetings as to what needs to happen to satisfy this concern.)

Thanks again..
0
Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

 
radnorCommented:
Limiting Access by IP Address
http://support.microsoft.com/kb/324064/EN-US
0
 
radnorCommented:
Limiting Access by IP Address
The .Htaccess file uses the Order, Allow, and Deny directives to limit access by Internet Protocol (IP) address or domain name.

To limit access according to IP address or domain name in IIS:
1.      Right-click the folder, the existing file, or the Web site, and then click Properties.
2.      Click either File Security or Directory Security.
3.      Click Edit in the IP Address and Domain Name restrictions section.
0
 
shalomcCommented:
I'd like to suggest another level of security.
1. Configure your firewall to allow inbound requests to your web application on  ports 80 and 443 ONLY to the customer.
2. Create a VPN between you and your customer.
3. Place a leased line between you and your customer. Today frame relay does not cost that much..

ShalomC
0

Featured Post

Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now