you can setup port access only. you can use port 80 for ofbiz. if you don't open Port 8443 on the router(firewall) then it can not be access via the internet. you can do this buy building the IP that can access port 8443.
you can also setup the IP addresses in your router so only local IP's (192.168.*.* or 10.*.*.*) can access port 8443. I always recommend you have a router/firewall box that is seperate from your linux box. then do the same on your linux box. Philip Laing sent the following on 10/19/2007 6:17 AM: > Hi Guys > I am trying to get my head around a best practice for security for ofbiz > backoffice and security for ecommerce. At this point in time I would like > to set ofbiz up so that public access cannot access backoffice database > information or only though pinholes or port forward (with different subnets) > > Has anyone gone through the logistics of setting up 2 x network interface > cards (nics) on a linux box with iptables so that the backoffice if isolated > from the front ecommerce web site? Or better still, have an answer for my > question? > > I have been scrolling through posts I noticed skip wrote RE: POS Security - > web user interface? (New) By: Skip (skipdever) - 2007-10-12 08:33 something > that caught my interest, but other than that I could not find much more the > subject. > > I have setup IPCop however it looks as though this will isolate my internal > network from ofbiz and will allow me to gain access through internet or KVM > > I would be very interested to hear your thoughts on this matter > > Thanks > > phil > > > > >
