Start Free Trial
Come for the solution, stay for everything else.
Start Free Trial
host intranet site externally
Hi we have an intranet site, yet we want to make it and the databases it connect to on other internal servers available publicly from the internet.
We have a domain name already registered with att, so we can add a dns record. But how do i do this from the primary intranet servers?
I would also want to restrict login access to only those with an ldap login
Web Development Software
8/22/2022 - Mon
The simplest recommended architecture to expose internal web servers to the internet:
Make sure that your intranet app supports form based login, and works with the LDAP of your choice. Often intranets are designed to use the workstation login for SSO, and this will fail in your case.
Make sure that your intranet app works behind a reverse proxy and does not depend on things like client IP addresses.
Harden the intranet server. Really.
Ditto the database server.
Create a DMZ on your network
Configure the DMZ access to the intranet network
Place a WAF serving as a reverse proxy in the DMZ. If you can't afford a commercial WAF, use Apache with mod_security.
Assign the A record to the WAF.
Get a pro to evaluate your actual setup, and to pentest it.
i get it conceptually, i had many of those same ideas and guidelines im looking for an actual detailed pathway to doing this however...
lol, an actual detailed pathway is so dependent on your actual detailed setup.
The above is as detailed as it gets without the specifics.
I suggest that you get a real life expert to help you a bit.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
How do I make sure it works behind a reverse proxy
ASKER CERTIFIED SOLUTION
Log in or sign up to see answer
Become an EE member today
7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Plans and Pricing
Certified Expert Program
© 1996-2022 Experts Exchange, LLC. All rights reserved. Covered by US Patent