?
Solved

wish to setup a secure web server for downloads, but wont be able to see main network

Posted on 2011-09-26
4
Medium Priority
?
241 Views
Last Modified: 2012-05-12
Hi, My boss has asked me to setup a webserver that will only distribute pdf reports to customers.
I was thinking of setting up a very simple webserver, that customers can see the pdfs and download as they need. not many clients will access it per day, so will host internally for remote access.
My users need to be able to copy the pdf's from our normal works network (sbs2011) to the folder of the webserver. Rather than using an FTP server/cloud, etc.

I was thinking of having our external IP hit our router, then some how redirect to the webserver. But not have the webserver on the same network as the domain. maybe use a few routers ?

What i'm after is a simple and cheap soluton to this. Where we can see the webserver. but if the webserver gets hacked, it can't access our network ?
0
Comment
Question by:total123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 13

Assisted Solution

by:themrrobert
themrrobert earned 100 total points
ID: 36602389
Put it on the DMZ, there are settings in every router for it, as well as hundreds of google results to help get you there.

Best of luck,
0
 
LVL 5

Accepted Solution

by:
Gareth Tomlinson CISSP earned 100 total points
ID: 36708418
Are you planning to have the server on your domain, to allow users to copy files to it? Very dangerous to do that.
Password protect acces to the DMZ webserver, don't leave it public; ideally restrict access to the server by only allowing specific IP addresses to go through the firewall/router to the DMZ rather than "any".
Set up the redirect by using a non-standard web port rather then port 80; e.g. port 5643
tell your clients to use the URL http://x.x.x.x:5643, set the firewall/router to redirect that to the DMZ server as x.x.x.x on port 80.
That should deal with most of the idiots out there!
Good luck
Gareth
0
 

Author Comment

by:total123
ID: 36961564
thanks for the reply, I've looked at a solution of installing a firewall router that would then split the DMZ to the webserver and have another connection to another firewall router for the domain.
This would then allow the users to copy data to the webserver.
The webserver wouldn't need to be part of the domain.

how does that sound
0
 

Expert Comment

by:AytuncBeken
ID: 36961618
If you are looking for user to put files to webserver you should user file server instead of web server. And if you have any access managemenet functiin you can configure file server to check credentials.
Also with firewall you can open file server  to internet with access control.
0

Featured Post

Get MongoDB database support online, now!

At Percona’s web store you can order your MongoDB database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card. Handle your MongoDB database support now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here are the symptoms: You start receiving calls from users that one of your legacy web apps isn't coming up, so you log into your IIS 5 server to check it out.  When you pull up the services, you notice that the WWW Publishing service isn't runn…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question