Tuesday, August 4, 2015

IIS restrict access to a web site

For development and test servers which may need some external access, it can be good practice to set up security around which IPs can access the web sites and which will be denied. The first requirement is to install the required server role:

  1. Open the server manager
  2. Click Manage and then Add Roles and Features
  3. Select the installation type and click Next, then select the server and click Next
  4. Under server roles expand Web Server (IIS) > Web Server > Security and then check IP and Domain Restrictions
Now under IIS manager, the IP and Domain Restrictions item will be available at the web site level. 

To block all IP addresses by default: Edit Feature Settings and set Access for unspecified clients to Deny. Allow entries can then be added for any IPs which you wish to have access to the web site. 

The reverse can also be done, with Access for unspecified clients set to Allow and any IP addresses you wish blocked added as Deny Entries.

No comments:

Post a Comment