Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Use firewall to restrict all connections (e.g. http) except for terminal services?

  • 03-03-2009 11:32am
    #1
    Closed Accounts Posts: 12,382 ✭✭✭✭


    Hello all

    I have a server (let's call the server MARS) which I have set up terminal services on. There is a web application on MARS which can only be accessed by logging onto MARS and launching IE.

    So people can use terminal services to connect to MARS and then once connected launch IE on MARS.

    The problem is people can bypass terminal services altogether and simply type http://MARS/webapp on their local PC. I want to stop this.

    Does anyone know how I can use the firewall to restrict http access to MARS without blocking terminal services? In other words, http://MARS/webapp would be disallowed, but http://MARS/tsweb would be allowed.

    Any help appreciated.

    Thanks!


Comments

  • Registered Users, Registered Users 2 Posts: 2,534 ✭✭✭FruitLover


    This is something that should probably be done on the web server, rather than a firewall.


  • Closed Accounts Posts: 12,382 ✭✭✭✭AARRRGH


    OK, I am happy to do it on the web server. Do you have any idea how I can do this?!

    Thanks.


  • Closed Accounts Posts: 12,382 ✭✭✭✭AARRRGH


    Figured it out. In the web server I blocked access to webapp for everyone except the local IP, so people will have to be logged on to run it. :)

    Cheers!


  • Registered Users, Registered Users 2 Posts: 2,777 ✭✭✭shanew


    I presume that you're using IIS, dont know the setting off the top of my head for that, but the equiv. in apache is 'allow hosts' in config. If you set this to 127.0.0.1 or localhost it will allow web access from the server only...
    AARRRGH wrote: »
    OK, I am happy to do it on the web server. Do you have any idea how I can do this?!

    Thanks.


  • Closed Accounts Posts: 23,718 ✭✭✭✭JonathanAnon


    There should be virtual web sites set up in IIS Admin, one for each folder. You should be able to control who can use it through the properties of each virtual web site.


  • Advertisement
Advertisement