Background: I have limited server admin / networking knowledge, my background is non-network programming.
What are some options for securing and hiding internal sites?
I have a Windows VPS running public sites, but it also has some internal stuff running on a variety of servers (Jira / Jenkins running in Tomcat, Visual SVN in Apache) and on various ports.
Ideally, I'd like an internal.mydomain.com set up in IIS, with internal.mydomain/jira and internal.mydomain/svn, and have the entire subdomain secured from external access.
I'm pretty sure I can set up IIS to proxy requests to Tomcat and Apache (so I can set up the subdomain stuff), but how can I secure the subdomain itself?
Can I have a VPN set up and have IIS block traffic unless it comes from the VPN? I've only seen VPNs set up to traffic through the VPN server to other computers on the network - can I set up a VPN with only one server?
I know I can do IP based filtering, but that's not an ideal solution since I and others often access the internal sites from places with very dynamic ips.
0 Answers