We have just launched a new web solution that exposes on the web of documents to the Italian law must be accessible to all citizens.
http://88.56.51.21/servoy-webclient/ss/s/albo_pretorio
The application server is inside our LAN and is reached from the outside with a public IP. To achieve a satisfactory level of security we have put the application server (which has only this solution on board) in a DMZ area.
All right? Not really.
There is a feature that I think is still missing. The ability to prevent access to the administration of Servoy Application Server from outside our LAN. Certainly you must know the login but it is possible that an attacker could perform a brute force attack with predictable consequences.
If there it is already possible I apologize in advance, otherwise I think that is to be implemented to ensure the highest level of security required by this type of situation.
Sincerely