PHP - Security what is best way?

Question

What is the best way to secure an intranet website developed using PHP from outside attacks?

Answer 1

You could only allow access from internal IPs from the php app itself. Also dont ignore the usual security and best practices. Input validation and output encoding(whitelisting only), user accounts with hashed passwords etc.