Thanks Sean,
I'll pass that along to SysAdmin. Sounds like a good plan. Since this web service will only be used by the web server, I may be looking at ways to expose the WSDL only to the web site developer as well.
--Michael

-----Original Message-----
From: WEB400 [mailto:web400-bounces@xxxxxxxxxxxx] On Behalf Of
Porterfield, Sean
Sent: Wednesday, February 04, 2015 12:48 PM
To: Web Enabling the IBM i (AS/400 and iSeries)
Subject: Re: [WEB400] Security for web site accessing i via IWS

Only allow the web server IP address through your firewall. If you have
to run other things on the same server that prevent that, at least check
the IP address in your program to see if it's allowed.
--
Sean Porterfield


-----Original Message-----
From: Koester, Michael
Sent: Tuesday, February 03, 2015 08:25
To: Web Enabling the IBM i (AS/400 and iSeries)
Subject: Re: [WEB400] Security for web site accessing i via IWS

...
I just need to understand what needs to be done to protect the customer
data in transit, and to ensure that the web server is the only way in.

________________________________




As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.