Allow specific users from outside my intranet to access website

0

I have an intranet website setup at my house. I'm running under XAMPP. Everything works fine. I'd like to give access to specific users in order for them to test the website (private testing) instead of making it available to the internet. Specifically, I want specific users to have private access to my intranet website and others would be denied access to that site.

I already configured port forwarding on my router. What would be the extra steps I'd need to take?

C.O.D.E

Posted 2013-10-09T19:39:12.657

Reputation: 113

1Why not just use something like teamviewer to establish a VPN? – 50-3 – 2013-10-09T19:51:06.197

How would I go about doing this? I'm a complete noob at this – C.O.D.E – 2013-10-09T20:07:13.203

It's all point and click in the teamviewer GUI, I can guide my mother through it without dramas. They also have the process documented in there user guide – 50-3 – 2013-10-09T20:16:13.063

Answers

2

You have several options. You need a way to check that a user has the credentials necessary to access the server or pages on the server. How you want to check those credentials is up to you:

VPN

As 50-3 suggested, a VPN would remove the need to expose your site to the internet. While TeamViewer would work, another alternative is Hamachi. You can create a VPN that connects all the members together as if they were on the same network. You can revoke access to anyone at any time. The software must be installed on your server machine, and on the PCs of the users.

CMS Plugin

If you are running a CMS like Wordpress or Joomla, simply get a plugin that can protect the pages with usernames and passwords.

Certificate

You can generate a self-signed certificate for Apache that will only allow your protected areas to be accessed if the cert is present.

IP Address Whitelisting

Using an .htaccess file, you can restrict access from certain IPs to directories or files using the Order allow,deny function and the Allow from function.

Example:

RewriteEngine on

#The # character denotes a comment.

Order allow,deny

#Main Office
Allow from 12.34.56.789

#Toronto
Allow from 987.654.321.100

#Chicago
Allow from 100.100.100.222

.htaccess Password

You can use .htaccess and .htpsswd file to protect pages or directories. You can add multiple users to this file. This site is lovely and builds these files for you. I notice you described yourself as unfamiliar with all of this so this might be the best option for you. They generate the files for you to download and give you steps on how to get it working.

Moses

Posted 2013-10-09T19:39:12.657

Reputation: 10 813

Altough i like that last suggestion (.htaccess Password) i was thinking more of using (IP Address Whitelisting) as I want the specific user to login my page (username and password in MYSQL). Do i need to put the user`s WAN IP in the .htaccess file in order for him to access my localwebsite? – C.O.D.E – 2013-10-09T20:45:36.813

@C.O.D.E Yep, you got it. – Moses – 2013-10-09T20:47:12.853

Cool :)! So by doing that, everyone else who`s trying to access my local website will be denied, right :) ? – C.O.D.E – 2013-10-09T20:49:36.563

@C.O.D.E Yes, as long as you do it correctly. I edited my answer to include an example. This .htaccess would disallow access to all files and subfolders of the folder it's placed in. – Moses – 2013-10-09T20:53:20.567

Dude, you're amazing :). At least, that will give me a head start!! And all I need to do now is to make my local website available on the internet and then i can whitelist the specific users ip addresses :). – C.O.D.E – 2013-10-09T20:57:22.053

Great effort here and thanks for the Ref also bookmarking Hamachi, Also would love to see someone from toronto connect -_- did you just smash the numpad?

– 50-3 – 2013-10-16T00:31:23.577

@50-3 Well, it is sequential, but I was obviously a little tired when I entered an IP starting with 987 :) – Moses – 2013-10-16T17:25:16.643

Asked: 2013-10-09T19:39:12.657

Viewed: 5 349 times

Active: 2013-10-09T21:01:07.970