There may be times when your private server needs to be accessed from other companies. You may do this via dial-up connections, dedicated network links, or over the Internet.
Using Dial-up Connections If users need only access the Web server infrequently, it might make sense to install a dial-in modem. This connection can be running PPP software to allow full network access, or could just be used as a dumb terminal to allow simple access via lynx.
Dial-up connections can be password-protected to eliminate unauthorized use. Using Caller ID (CID) can reduce the risk even more, by enabling one to restrict telephone answering to certain authorized numbers.
Dial-up lines are the most secure way of allowing access into your network, but are usually too slow for simultaneous multiple-party use.
Using a Dedicated Link If sharing data among sites, you may want to consider a dedicated high-speed link. These links can be ISDN, Frame Relay, or a T1 link.
Dedicated links are only as secure as the network you are connecting to. If the other network can be broken into, so can yours. Therefore, it makes sense to protect yourself from this link, just as you would do so from the Internet in general. Treat any connection outside your company as hostile.
Using Router Access Lists If you are using the Internet to allow other users to access your company server, or a dedicated line to another company, it might be a good idea to set up an access list on your router.
Setting up an access list which restricts access to your Web server to a specific machine, or list of machines, is a good way to reduce the risk incurred when connecting. Such risk may be further reduced by allowing only the most remote sites to connect to the port on which your server is running (check the Port directive or the inetd.conf file).
This will help to protect from access via other means, such as NFS or FTP.
Password Protection If there is no router to aid in protection, you should at least use the Apache password protection. This will require valid user names and passwords to access via the Web server.
Passwords are set up using the Auth and Limit directives in the access.conf file.
Using the Web server password protection will protect you from attacks through the Web server software. It will not protect you from access by other means such as NFS or FTP.