Allow outside connections to access specific folders on Web Server (HTTP)

carloslaso used Ask the Experts™
I have a mobile app that needs to access my server, and the only way I have been able to access my server information is by opening port 80 to my server internal IP address. (Attached picture)

How can I protect my server from allowing HTTP connections to all folders? I just need to allow HTTP access to two folders, not all shared folders.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Ok, you're using RRAS for a gateway, what you did now is you added a DNAT rule for port 80 to your internal web server. So far so good. Now you have to configure your interal web server at address to server only certain content over HTTP.

I guess that you are using Microsoft IIS to serve HTTP requests. Go to IIS configuration and choose first is you want to use authentication or anonymous access. If you want to keep anonymous access, by default IIS will use IISUSER_GUEST user's priviledged when accessing the folders that IIS will serve over HTTP. You can simply configure NTFS permissions on folders on your IIS root to only allow IISUSER_GUEST access to certain folders and not others. Note that this will block ALL HTTP reqests, even those from your internal LAN. If that's not good for you, you should make another web in your IIS (on another port) that can serve just these folders, and DNAT that port to be accessible over the Internet via port 80.


Great Work

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial