Adding links to secure sites

How to disguise inside.barnardos links to Content Server, Firstpoint, Huddle, etc.

There are several links on Inside Barnardo's which increase our attack surface by exposing the internal systems we use to would-be attackers.

To counter this we've made a proxy tool which hides the URL behind a proxy service, only letting people coming from inside our internal network access to the real URL.

The tool is a line of code to which we add the extension of the url we need to hide.

So for example if you need to link to this content server address http://livelink.barnardos.org.uk/otcs/llisapi.dll/open/299451129

Take the proxy URL for Content Server which is https://barnardos-ip-proxy.herokuapp.com/domains/89939d40-896b-49c9-8a34-9aa06f17445d

Then add the Content Server url extension, in this case: /otcs/llisapi.dll/open/299451129

And you get this  https://barnardos-ip-proxy.herokuapp.com/domains/89939d40-896b-49c9-8a34-9aa06f17445d/otcs/llisapi.dll/open/299451129 which you put in the link field in drupal to link to the page in Content Server.

For our small editorial team this is good approach.  I think we’ll have to do a little training if we roll out to more CMS Users but it is not a huge issue.

Secure sites and proxy urls

Firstpoint 

Content Server

eLearning

eArcu

Online payslip portal

Huddle login

Huddle main

eLearn

Myplace