For the longest time, I've been applying IP whitelisting to an entire website in IIS. But lately, I've been wanting to just apply it to a specific asmx file in the site, while keeping the rest unrestricted. After doing some research, it seems that this can be simply done in IIS 6.0 by right-clicking on the asmx file and choosing File Security.
But with Windows 2012 Server and its built-in IIS 8.5, it gets a little more complicated. First, you have to install the IP Security feature from Server Manager if it is not yet installed:
http://www.iis.net/configreference/system.webserver/security/ipsecurity/add
From my experience with Softlayer, their bare metal installation somehow does not have this feature pre-installed. But with my Cloud Server, all Web Server options were pre-installed. From IIS Manager, go to Content View; right-click the asmx file you want to protect and select Switch to Features View. Then open IP Address and Domain Restriction.
Visit this for more information:
http://stackoverflow.com/questions/1075618/limit-access-of-asmx-web-service-to-specific-ip-addresses
One can also specify the IP restriction by hand via web.config as shown here:
http://serverfault.com/questions/653672/how-to-ip-restrict-access-to-a-website-in-iis8-5-windows-2012r2
Monday, July 27, 2015
Subscribe to:
Posts (Atom)
