I dont know what is the best thing to do to secure my website via internet and intranet. It happens that some of my pages should be able to view via the internet but all pages should keep running and able to access via intranet. On web.config I set the authentication mode to "WINDOWS". According to some article "WINDOWS authentication" is for intranet and not advisable to use it via internet. Right now, I know the best thing to do is to set it to "FORMS authentication".
My problem is, how do I secure or restrict my other pages/files which not suppose to be seen on the internet. I try to set the IP/PORT but the access on the file still able to view(e.g by typing the file directory).
I would appreciate any advice.
Thanks in advance.