Re: securing an intranet site
- From: Dominick Baier [DevelopMentor] <dbaier@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 31 May 2006 10:42:50 +0000 (UTC)
So you wanna secure the site from your admins?? this will not work?
---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
I have been tasked with developing a web application that only 2
people and myself for development purposes are allowed to access. I
dont think its possible to use the web.config file for this as other
members of the IT departement have full administrator access to teh
network meaning they could go into the directory and modify the
web.config file to allow them access to the site. I have been on the
asp.net courses that are needed to pass the asp.net exam, and it only
had information on securing a site with the web.config file. I am
stuck on what options i have.
There is one page that everyone in the business needs access to, this
is a form that submits some details to the backend database. The rest
of the system needs to be locked down. Certificates have been thrown
around as a suggestion does anyone think this is viable.
If anyone can offer some suggestions or places of reference i would be
very grateful
regards
.
- Prev by Date: Re: website restricted to fixed public IP or to only PC wth predefined configuration
- Next by Date: Re: securing an intranet site
- Previous by thread: How to set the Password from SQL using aspnet_Membership_CreateUser
- Next by thread: Re: securing an intranet site
- Index(es):
