Security

[contact77]

I edited my htaccess file in the www folder to enable LAN access but don't want to be exposed to the internet. Do I need to add any changes to htaccess for the server to only allow access from the LAN and not from an outsider on the internet?

[olajideolaolorun]

You will need to set it to allow connection from 192.168.1.* or something.

[contact77]

Sorry I didn't reply to this sooner. Thanks for the info and I'll let you know how it goes.

[contact77]

I'm not so experienced with all of this so I have a few more questoins. I was wondering if there's any advantage security wise to set connections to my LAN IP address as opposed to just editing out the allow/deny settings since the router will only allow outside access from its specific WAN address? In other words if someone from the outside were to get past the router wouldn't he be allowed access to everyone on the LAN either way? What I'm actually looking for is a way to keep anyone from outside getting in. From what I unerstand someone would have to know the router WAN IP (IGA) to do anything (I don't have a registered domain name, global address, or whatever you call an address that is exposed to everyone on the internet) and even then it would be difficult to get in and it's probably not really necessary(?). But I figure if there is a way better safe than sorry. Would that be something that I would need to do with some sort of firewall settings instead?

Edited June 28, 2006 by contact77

[olajideolaolorun]

If you have a router, then you can just do the ALLOW/DENY.... They probably wont get pass the router and if they do, probably not to the server.