Get Started
  • Advanced Use Cases

Business Intranet Configuration

🔴 Advanced
⏱️ 60 minutes
Pro Feature

Summary

Configure WordPress as a secure corporate intranet with IP whitelisting, department-based access control, mandatory 2FA, audit logging, and integration with existing IT infrastructure. Ideal for company portals, internal documentation, HR systems, and collaborative workspaces.

Prerequisites

  • ✅ Attributes User Access Pro installed
  • ✅ SSL certificate configured (HTTPS required)
  • ✅ Static IP addresses or IP ranges documented
  • ✅ Organizational chart/department structure
  • ✅ IT security policies and compliance requirements
  • ✅ SMTP configured for email notifications

Step 1: Configure IP-Based Access Control

Restrict access to corporate IP addresses:

IP Whitelist Configuration

  1. Navigate to Users → Attributes User Access → Security → IP Control
  2. Enable “IP Whitelist Mode”
  3. Add company IP addresses/ranges: 
    // Office locations
192.168.1.0/24        - Headquarters
10.0.0.0/16           - Regional Office A
172.16.0.0/12         - Regional Office B

// VPN access
203.0.113.0/24        - Corporate VPN pool

// Remote workers (optional)
Allow specific IPs or require VPN

  4. Configure lockout behavior for non-whitelisted IPs
  5. Set up admin bypass (emergency access)

Geo-Restriction (Optional)

  • Restrict to specific countries where company operates
  • Block high-risk countries
  • Log international access attempts

Step 2: Department-Based User Roles

Create roles matching organizational structure:

Department Role Name Access Level Capabilities
Human Resources hr_staff HR portal, policies View employee data, manage benefits
IT Department it_staff All systems, documentation Manage users, system settings
Finance finance_staff Financial data, reports View/edit financial content
Sales sales_staff CRM, sales materials Access customer data, proposals
Management manager All departments View all, approve requests
General Staff employee Public intranet areas View news, policies, directory

Step 3: Mandatory Two-Factor Authentication

Require 2FA for all corporate users:

  1. Enable “Enforce 2FA” for all intranet roles
  2. Configure 2FA settings:
    • Method: Authenticator app (Google/Microsoft)
    • Setup grace period: 3 days maximum
    • Backup codes: Required (10 codes)
    • Remember device: 30 days
  3. Provide setup instructions and IT support
  4. Track 2FA adoption in user dashboard

Step 4: Single Sign-On (SSO) Integration

Connect with existing corporate authentication:

LDAP/Active Directory Integration

// Configure LDAP connection
LDAP Server: ldap://ad.company.com
Base DN: DC=company,DC=com
Bind DN: CN=WordPress,OU=Services,DC=company,DC=com
Bind Password: [encrypted password]

// User sync settings
Sync Frequency: Every 4 hours
Auto-create users: Yes
Update existing users: Yes
Role mapping: department → WordPress role

SAML 2.0 Integration

  • Configure identity provider (Okta, Azure AD, etc.)
  • Set up service provider metadata
  • Test SSO login flow
  • Enable just-in-time provisioning

Step 5: Configure Audit Logging

Enable comprehensive activity tracking:

Logged Activities

  • ✅ All login/logout events
  • ✅ Failed authentication attempts
  • ✅ Page/content access
  • ✅ File downloads
  • ✅ User profile changes
  • ✅ Role/permission changes
  • ✅ Security setting modifications
  • ✅ Export/print actions

Compliance Reporting

// Export audit logs for compliance
Users → Attributes User Access → Audit Log
Date Range: Last 90 days
Export Format: CSV
Include: User ID, Action, Timestamp, IP, Resource

Step 6: Set Up Session Management

Control user session security:

Setting Recommended Value
Session Timeout (Idle) 30 minutes
Maximum Session Duration 8 hours (workday)
Concurrent Sessions 1 (enforce single device)
Force Logout on Browser Close Enabled
Session Hijacking Protection Enabled (IP + user agent)

Step 7: Create Department Portals

Build dedicated areas for each department:

HR Portal Example

  • 📋 Employee Handbook – Policies and procedures
  • 📅 Time Off Requests – PTO submission and approval
  • 💼 Benefits Information – Healthcare, retirement plans
  • 📄 Forms & Templates – Downloadable documents
  • 📞 HR Contact Directory – Support channels
  • 🎓 Training Resources – Onboarding, compliance
// Restrict HR portal to HR staff and managers
[attrua_restrict roles="hr_staff,manager"]
    
[/attrua_restrict]

Best Practices

  • Regular access audits – Review permissions quarterly
  • Offboarding process – Immediate access revocation
  • Password policies – Enforce strong, unique passwords
  • Security training – Regular employee education
  • Incident response plan – Document breach procedures
  • Backup admin access – Emergency access method
  • Mobile device management – Control mobile access
  • Compliance documentation – Maintain audit trails

Related Articles

Review My Order

0

Subtotal

Taxes & shipping calculated at checkout

Checkout