Sometimes we face a situation when a certain request is deliberately accessing our resources with consent. In this situation we can block on ip or domain to access our resources in asp.net.
First of all you need to make sure that your OS allows IP restriction, for this, you should do the following:
Windows Server 2012 or Windows Server 2012 R2
On the taskbar, click Server Manager.
In Server Manager, click the Manage menu, and then click Add Roles and Features.
In the Add Roles and Features wizard, click Next. Select the installation type and click Next. Select the destination server and click Next.
On the Server Roles page, expand Web Server (IIS), expand Web Server, expand Security, and then select IP and Domain Restrictions.
Click Next.
On the Select features page, click Next.
On the Confirm installation selections page, click Install.
On the Results page, click Close.
Windows 8 or Windows 8.1
On the Start screen, move the pointer all the way to the lower left corner, right-click the Start button, and then click Control Panel.
In Control Panel, click Programs and Features, and then click Turn Windows features on or off.
Expand Internet Information Services, expand World Wide Web Services, expand Security, and then select IP Security.
Click OK.
Click Close.
Step 1
Change ApplicationHost.config file to allow ipsecurity
You will need to edit the project specific version of the ApplicationHost.config file
<section name="ipSecurity" overrideModeDefault="Allow" />
Step 2
Add the following section in web.config
<system.webserver>
<security>
<ipSecurity allowUnlisted="false">
<add ipAddress="192.168.100.1" /><!-- block ip 192.168.100.1 -->
<add ipAddress="169.254.0.0" subnetMask="255.255.0.0" /><!-- block ip 169.254.0.0 with subnet -->
</ipSecurity>
</security>
</system.webserver>
or
You can create an xml file for the blocked list
Create an xml file for instance RestrictedIP.xml as
<?xml version="1.0"?>
<ipSecurity allowUnlisted="false">
<add ipAddress="xxx.xxx.xxx.xxx" /><!-- block ip xxx.xxx.xxx.xxx here xxx represents your ip number -->
<add ipAddress="xxx.xxx.x.x" subnetMask="255.255.0.0" /><!-- block ip xxx.xxx.x.x with subnet -->
</ipSecurity>
In your web.config file you need to do the following
<system.webserver>
<security>
<ipSecurity configSource="RestrictedIP.xml" />
</security>
First of all you need to make sure that your OS allows IP restriction, for this, you should do the following:
Windows Server 2012 or Windows Server 2012 R2
On the taskbar, click Server Manager.
In Server Manager, click the Manage menu, and then click Add Roles and Features.
In the Add Roles and Features wizard, click Next. Select the installation type and click Next. Select the destination server and click Next.
On the Server Roles page, expand Web Server (IIS), expand Web Server, expand Security, and then select IP and Domain Restrictions.
Click Next.
On the Select features page, click Next.
On the Confirm installation selections page, click Install.
On the Results page, click Close.
Windows 8 or Windows 8.1
On the Start screen, move the pointer all the way to the lower left corner, right-click the Start button, and then click Control Panel.
In Control Panel, click Programs and Features, and then click Turn Windows features on or off.
Expand Internet Information Services, expand World Wide Web Services, expand Security, and then select IP Security.
Click OK.
Click Close.
Step 1
Change ApplicationHost.config file to allow ipsecurity
You will need to edit the project specific version of the ApplicationHost.config file
<section name="ipSecurity" overrideModeDefault="Allow" />
Step 2
Add the following section in web.config
<system.webserver>
<security>
<ipSecurity allowUnlisted="false">
<add ipAddress="192.168.100.1" /><!-- block ip 192.168.100.1 -->
<add ipAddress="169.254.0.0" subnetMask="255.255.0.0" /><!-- block ip 169.254.0.0 with subnet -->
</ipSecurity>
</security>
</system.webserver>
or
You can create an xml file for the blocked list
Create an xml file for instance RestrictedIP.xml as
<?xml version="1.0"?>
<ipSecurity allowUnlisted="false">
<add ipAddress="xxx.xxx.xxx.xxx" /><!-- block ip xxx.xxx.xxx.xxx here xxx represents your ip number -->
<add ipAddress="xxx.xxx.x.x" subnetMask="255.255.0.0" /><!-- block ip xxx.xxx.x.x with subnet -->
</ipSecurity>
In your web.config file you need to do the following
<system.webserver>
<security>
<ipSecurity configSource="RestrictedIP.xml" />
</security>
No comments:
Post a Comment
Comments are welcome, Please join me on my Linked In account
http://in.linkedin.com/pub/ritesh-tandon/21/644/33b