Restrict Access of technical webapp from internet | Adobe Higher Education
Skip to main content
D
DebTr
Level 6
May 31, 2022
Répondu

Restrict Access of technical webapp from internet

Hi Team,

We have webapps hosted in an On-premise Adobe Campaign Classic instance that are all currently accessible from internet . There some technical webapps that we want to be accessed by ACC end users from the company VPN and some webapps/surveys used by customer/recipients like opt-in/out from internet.

 

We have access control(login) enabled for technical webapps, but how can we restrict the technical webapps from being exposed to internet?

 

Cheers,

Deb

Ce sujet a été fermé aux réponses.
Meilleure réponse par Marcel_Szimonisz

Hi @marcel_szimonisz

Could you please help @debtr further with their query?

Thanks!


Hello @debtr, we have added restriction on the firewalls rules there were no restrictions on sysconfig (no idea what is that anyway) nor security zones as I was told by the network technician  that you always get the internal IP of web server that is infront of application server, if you have one in place, so the IP will be same for all incoming traffic and security zones then will not work. If you are getting IP address of actual user then add the restrictions on web application itself. if not set firewall rules for certain URLs that can be accessed only by certain range of IPs?

In our setup frontal and application is different server with different URLs hosted on different VMs just with shared DB. All frontal requests to login page are blocked by firewall so customers can access unsub pages and other web apps that do not require password. On the application server there is not restriction apart that is not accessible from public.

 

Will this clear some of your questions?

 

Marcel

 

Marcel

1 commentaire

Marcel_Szimonisz
Community Advisor
Marcel_SzimoniszCommunity Advisor
Community Advisor
May 31, 2022

Hello @debtr,

Recently we restricted such scenarios by adding rules to the firewall on the frontal servers. So the web apps with login could be accessed only via application server that is only accessible over intranet.

 

Or you can extend the login  jssp page and add additonal IP check or any other checks you want. 

 

Marcel

 

 

    D
    DebTrAuteur
    Level 6
    June 1, 2022

    Hi @marcel_szimonisz ,

    Thanks for your reply. I tried the frontal and application server approach but couldn't make it work by changing the sysconfig file by adding IP masking in web node.

     

    Did you make change in sysconfig or in a network level to restrict webapp access from internet?

     

    I don't think extending logon.jssp will do the trick as we can only restrict based on IP, but our requirement is to restrict only specific webapps from internet.

     

    Cheers,

    Deb 

    Sukrity_Wadhwa
    Community Manager
    Sukrity_WadhwaCommunity Manager
    Community Manager
    July 12, 2022

    Hi @marcel_szimonisz

    Could you please help @debtr further with their query?

    Thanks!

    Sukrity Wadhwa
    Conditions d'utilisationAccessibility statement

    Loading footer...