Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 301
  • Last Modified:

Allow access to .NET website hosted on 8081 or other ports

Hello,

I am trying to setup my webserver IIS 6.0 .
It hosts my .NET website designed Visual Studio 2003  on port 8081

The way it is currenlty set up, I can browse the website locally (localhost:8081/login.aspx), but can't browse it from a PC that is in the same local network. Also outside web users can't see it.

I think it is just a matter of setting a certain, necessary permissions.

If I allow maximum access to Everyone, ASP.NET, IUSR, IWAM etc accounts then it works fine.

What are the regular basic steps (not jepardizing security of the server) that you would perform to allow access to this site for local network PC or outside web user?
What accounts must have what permissions and where?

I don't want to keep my C drive and my WebFolder open to everyone or have any other un necessary volnerable settings.

Thank you in advance
0
Terrace
Asked:
Terrace
  • 2
  • 2
1 Solution
 
ahoffmannCommented:
sounds more like a firewall is blocking access to port 8081, either on your system or soemwher in the LAN
0
 
TerraceAuthor Commented:
The firewall is one of the first things I checked.
On the Server itself - the Firewall service is not running (When I try to go to Windows Firewall it prompts me that this service is not running and that I can start it if I want).

For outside web users to have access to the site - I know I should open a port in our main company firewall. (that's clear)

One issue that I still have is - what is preventing me to access that website internally using PCs that are in our local network (as intranet site)?
The firewall on PCs is disabled.

Thanks
0
 
TerraceAuthor Commented:
I solved my "mistery" of not being able to see website inside my local network.
I was using IP address of the webserver.
My server has 2 NIC cards. I set up one of them with this IP address and disabled the other one (for time being). Someone made a swap, and disabled NIC card were my static IP was assigned.

Anyway, website is now up an running fine.

Still, going back to original question - I would like to know if someone can give me few good advices or links how to run website with .NET content and have server tightly secure.

Thanks
0
 
ahoffmannCommented:
> .. and have server tightly secure.
could you plase be more specific on that.
If you want to have a secure application, you need to do secure coding, oviously.
If you mean you want to protect your server, then a traditional firewall in front (not build-in) should be the first step.
If you have already unsecure web applications, then a web application firewall aka WAF might help.
If your web applications are vulnerable to (their) session management, then you definitely have to correct that in the code there, no firewall can do that (well, some can help a bit).
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now