I mostly work on CMSs, where there is no security concern about the people who can/can't enter the site because it is for public use, but now I have been assigned to work on an Intranet App, and would like to know if on the programmatic side I must take care of extra security features or all that "intranet security" is handled by the "net hardware and config" -> (routers, switches, hubs, etc...)
First of all, I'm sorry for my lousy English, as this is not my native language.
So... in my company we deny all traffic from external interfaces to the intranet server (hardware based firewall).
This should be obvious. Additionally, we only allow traffic from internal IP address range.
The application itself is just a well-known CMS. Also, the MySQL server only allows traffic from/to the Apache server. And we closed all the ports except HTTPS (on Apache), and a non-default one for SSH. This little setup, on a different network range, is also behind a proxy/firewall (unTangle) which takes care of extra protection, logging, and NAT.
Hope this can "enlighten" you a little more.
EDIT: The CMS itself allows installing a module/plug-in to manage permissions based on user level/category.
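The answer above describes two layers: a network allow-list (only the internal IP range reaches the server) and, via the CMS plug-in, application-level permissions. The following is an added illustration, not code from the poster's setup or from any particular CMS, of how an application can enforce both layers itself; it also covers the failure mode that matters when the app sits behind a proxy (the unTangle box in the answer): a client-supplied `X-Forwarded-For` header must only be trusted when the direct peer is a known proxy, otherwise any external caller could claim an internal address. The ranges and proxy address are constructed placeholders.

```python
import ipaddress

# Constructed sample values: a private range for the intranet and the
# address of the reverse proxy/NAT device in front of the web server.
# These are placeholders, not the poster's real network.
INTERNAL_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.168.0.0/16"),
]
TRUSTED_PROXIES = [ipaddress.ip_address("192.168.1.1")]


def is_internal(ip_str, ranges=INTERNAL_RANGES):
    """Return True when ip_str parses and lies inside one of the internal ranges."""
    try:
        ip = ipaddress.ip_address(ip_str)
    except ValueError:
        # Garbage in the header or socket address is treated as not internal.
        return False
    return any(ip in net for net in ranges)


def effective_client_ip(remote_addr, forwarded_for=None,
                        trusted_proxies=TRUSTED_PROXIES):
    """Decide which address the application should treat as the client.

    The X-Forwarded-For value is honoured only when the TCP peer is one of
    the trusted proxies. With a single proxy, the rightmost entry is the
    address that proxy itself observed, so that is the one used.
    """
    try:
        peer = ipaddress.ip_address(remote_addr)
    except ValueError:
        return None
    if peer in trusted_proxies and forwarded_for:
        candidate = forwarded_for.split(",")[-1].strip()
        try:
            return ipaddress.ip_address(candidate)
        except ValueError:
            return None
    # Direct connection (or an untrusted peer sending the header): use the
    # socket address and ignore whatever the header claims.
    return peer


def allow_request(remote_addr, forwarded_for=None, authenticated=False):
    """Network allow-list and application login must both pass.

    Returns (allowed, reason) so callers can log why a request was refused.
    """
    ip = effective_client_ip(remote_addr, forwarded_for)
    if ip is None or not is_internal(str(ip)):
        return False, "outside internal range"
    if not authenticated:
        return False, "login required"
    return True, "ok"


if __name__ == "__main__":
    # A request arriving directly from an external address, spoofing the
    # forwarded header, is still refused because the peer is not a proxy.
    print(allow_request("203.0.113.7", "10.0.0.5", authenticated=True))
    # The same header via the trusted proxy resolves to the internal client.
    print(allow_request("192.168.1.1", "10.0.0.5", authenticated=True))
```

The `authenticated` flag stands in for whatever session check the CMS plug-in performs; the point of keeping it in `allow_request` is that an address inside the internal range alone never grants access to the application.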