Opening Ports 80 and 443 safe or dangerous?

Question

A outsource support group wants Port 80 and Port 443 opened in order they can log onto a server. They don't want to RDP into the system to do maintenance. 
 Is it dangerous and foolish to open Port 80 and Port 443 and port forward it to a particular server? 
 
 Their next suggestion was to port forward and white list their IP to allow only traffic from their office to that server. Is this wise? 
 Thank you

RobertDavis · Accepted Answer

You could only allow a set of public IPs through the firewall to your web site from the Internet. 
 For opening a website from the outside, you need to make sure the site is secure from XSS or SQL Injection and make sure that only secure SSL cyphers are allowed. If you don't know how to do that, I would leave them VPN.

lferrara · Answer

DMC, 
 Ports 80 and 443 are very popular and they can be discovered by attackers easily. 
 Make sure you understand what is flowing inside those ports. Make sure to use 443 because traffic is encrypted. 
 Opening them from a restricted IP reduces the attack surface. 
 The best way to stay protected is always a VPN and they should that instead of other protocols. 
 Regards