topic Re: Securing Alfresco for Access from Public Internet in Alfresco Archive

Securing Alfresco for Access from Public Internet

mxc — Wed, 05 Mar 2014 21:03:36 GMT

Hi all,What is the best practice for exposing an internal alfresco service for external clients/extranet. The server hosts internal documents as well as documents which the public need access too. I am reluctant to expose the whole port tomcat is listening on to the net and thereby allowing people t

Re: Securing Alfresco for Access from Public Internet

eswbitto — Wed, 05 Mar 2014 23:23:31 GMT

Why don't you just create a public website apart from alfresco and in that webpage post links (public links) to the documents you need the public to have access to. FYI…if you didn't know. Each document is given a public link.

They get access to those documents without having to log into alfresco.

Re: Securing Alfresco for Access from Public Internet

mxc — Thu, 06 Mar 2014 21:52:28 GMT

Thanks will investigate further. I suppose this would still require port 80 etc to be forwarded to Alfresco and hence any URL could be probed. Something I did come across was the possibility of replicating your public content to a staging server in the DMZ and then the risk is greatly reduced. A bit of extra work and cost but sounds much more secure.