So a long-time customer came up to me with a request from the ITsec of his company. They want the WordPress admin panel to be only accessible from their corporate network and VPN. But whitelisting is not allowed in any case.
I know I will have to hire someone else to do it. But first I want to understand how this would even be possible. Because I can't think of an option to make this work without whitelisting at least their VPN IP or any IP.
Can someone give me any examples of how this is possible?
Thanks in advance!
Edit: I just started reading about reverse proxy servers. Is this a possible way to go or should I drop this approach?

Why isn’t whitelisting allowed? To my mind this is the only way to achieve blocking all access to admin – using something like a regex WAF rule on the server.
Another potential option could be to use some sort of external desktop 2FA platform (Authelia open source springs to mind) that is only accessible via the corporate network (I’ve also seen them tied to NFC/card readers). No direct experience in this though.