Intranet hosting

I'm looking for someone to host an intranet. Yes, thats not a typo, we really do mean intranet. Needs to be externally hosted as we have branches world wide.

My biggest concern is security. How can I control access to people within the company, but prevent every man and his dog getting in - preferably without the users having to go through some kind of login process (maybe once would be acceptable).

Any help/suggestions would be very grateful as the new MD wants this in by last week :shock: :rolls: :shock:

Cheers - Panda

You'll most likely need somewhere that will allow you to access the web server config files. Then you'll need to create access lists of the ips that can be trusted to access the information. You'll need static ips from where people access from for this to work.

For people who don't have static ips the only way will be to give them a username and password to access it.

Something like the following should work in apache

<Limit />
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Limit>

Alternatively you could do all the ip handling in the code for the website.

Hx

Thanks for that m8.

We are now looking at a dedicated server so IP addresses may be a partial answer - however, we do have many mobile users who will use dial up and therefore non fixed IP's.

I've half an idea which may sort our problems using some cunning encryption and validation on the server ;)

Cheers - Panda

Depending on how much money you want to spend you could only allow users to access the intranet when logged in through a specified ISP.

We run a funky tokenID system here where you give a user a key fob that displays a random number every 10 seconds and this is synchronised with the server to provide a dynamically changing password.

If you are asking elsewhere, I believe the correct term for what you want is an extranet (We support a few of these in the office) One of them has securID which is well secure!!