Amazon Ad

Wednesday, 29 January 2020

How to restrict IP address for your .NET Application using web.config

Sometimes we face a situation when a certain request is deliberately accessing our resources with consent. In this situation we can block on ip or domain to access our resources in asp.net.



First of all you need to make sure that your OS allows IP restriction, for this, you should do the following:

Windows Server 2012 or Windows Server 2012 R2

On the taskbar, click Server Manager.
In Server Manager, click the Manage menu, and then click Add Roles and Features.
In the Add Roles and Features wizard, click Next. Select the installation type and click Next. Select the destination server and click Next.
On the Server Roles page, expand Web Server (IIS), expand Web Server, expand Security, and then select IP and Domain Restrictions.

Click Next.
On the Select features page, click Next.
On the Confirm installation selections page, click Install.
On the Results page, click Close.

Windows 8 or Windows 8.1

On the Start screen, move the pointer all the way to the lower left corner, right-click the Start button, and then click Control Panel.
In Control Panel, click Programs and Features, and then click Turn Windows features on or off.
Expand Internet Information Services, expand World Wide Web Services, expand Security, and then select IP Security.
Click OK.
Click Close.


Step 1

Change ApplicationHost.config file to allow ipsecurity

You will need to edit the project specific version of the ApplicationHost.config file

<section name="ipSecurity" overrideModeDefault="Allow" />

Step 2

Add the following section in web.config

<system.webserver>
<security>
         <ipSecurity allowUnlisted="false">
            <add ipAddress="192.168.100.1" /><!-- block ip 192.168.100.1 -->
            <add ipAddress="169.254.0.0" subnetMask="255.255.0.0" /><!-- block ip 169.254.0.0 with subnet -->
         </ipSecurity>
      </security>
</system.webserver>

or

You can create an xml file for the blocked list

Create an xml file for instance RestrictedIP.xml as
<?xml version="1.0"?>
<ipSecurity allowUnlisted="false">
       <add ipAddress="xxx.xxx.xxx.xxx" /><!-- block ip xxx.xxx.xxx.xxx here xxx represents your ip number -->
       <add ipAddress="xxx.xxx.x.x" subnetMask="255.255.0.0" /><!-- block ip xxx.xxx.x.x with subnet -->
</ipSecurity>

In your web.config file you need to do the following

<system.webserver>
<security>
         <ipSecurity configSource="RestrictedIP.xml" />
</security>

No comments:

Post a Comment

Comments are welcome, Please join me on my Linked In account

http://in.linkedin.com/pub/ritesh-tandon/21/644/33b

How to implement Captcha v3 in ASP.NET

 I was facing an issue of dom parsing in my website. I finally resolved it by using Google Captcha V3. Step 1: Get your keys from https:...