On 9/13/05, AragonX <aragonx@xxxxxxxxxx> wrote: > Hello all, > > I am trying to secure my web server. It serves internal users (employees) > and external users (customers). There are some web applications that I > would like to have available to internal users but require external users > to have a password to access the directory (the applications have their > own security but I don't want any of the scripts or files visible to the > internet at all. They are all under the /internal directory). Can this > be done? > > The server has two NICS, one serving the internal network and one serving > the external. Is there a module that will allow different security levels > based in this information? > > I know that mod_access and I think mod_security will allow me to do this > but they do it based on IP address. I'm afraid someone will spoof the IP > addresses of the internal network to bypass this security measure. > > What I'm trying to avoid is having the employees log in twice to access > the web apps. They would be most unhappy. What you could do ishave two virtual hosts, one atached to the IP address of the external interface and another attached to the IP address of the internal interface. Put the common config outside of the <VirthualHost> containers, and the security config inside them. Krist -- krist.vanbesien@xxxxxxxxx Solothurn, Switzerland --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|