External users are not allowed to use the windows authentication

sharepoint2013
codeplex

#1
For a site collection, i enabled windows auth and FBA. For external users i need to disable the windows authentication to prevent internet attack of AD Account. For internal users both should be enabled. Is is possible to acheive?

#2
Yes, just extend the web application (Central Admin). That will give you a second url, and you can configure the authentication settings for each separately. So now internal users will go to one url, and external users will go to a different url.

#3
Thank You. Is it possible to hide the Role management in site settings?

#4
Not at the moment, without modifying the source code.