I have a login safe application and it has hundreds of users.
WordPress is a separate module of it and only used for blogging purpose [no other usage].
Both using the common database.
The blogs are not for public but only for our users.
Recently I am getting spam comments to our blogs and I am worried about the blogs.
How I can make the WordPress totally private for our application users. All our users do not have WordPress login but are allowed to check the blogs and post their comments.
If your on a company intranet it might be easier/more secure to just whitelist a few IP’s and deny access to everything else, you can do that with apache config or .htaccess. Otherwise you will have to get people to login and then you can use a plugin like “Members Only”, there are several of these for private blogs.
if you are worried about spams you should use a anti-spam plugin (Akismet comes by default you should configure it). For the session enabling and usage you wordpress session enabler (but i highly dough that it would be of much help). You can also use Registered Users Only, Members Only or registered users only 2 to force your users to login before the can access your blog if you can configure your app and wp use the same user db. And be sure that you have told wp to stay private and hidden from search engines some times that also helps against spam.