This content has been marked as final. Show 1 reply
I'm not sure if this is the ideal recommendation, but I know of a way you could block the "internal-only" applications from being accessed externally.
1) Create a function which inspects the CGI environment variables, e.g., HTTP_HOST, HTTP_PORT, etc. Using this information, you determine if the request is emanating from an internal server name or an external server name.
2) Create an authorization scheme which returns FALSE if the host/port/other CGI isn't what you expect.
3) Apply this authorization scheme to every application you wish to keep from an external site.
I know this isn't ideal, as you have to add this to every "internal-only" application. And if you forget an application, then this application suddenly becomes available on the Internet. But it's one way. If all of the applications are in the same workspace, you could define this authorization scheme in one application and subscribe to it from the other applications.
P.S. From SQL Commands, you can see all of the CGI environment variables at your disposal using: