Solved

Restrict site access with IIS

Posted on 2011-09-12
6
189 Views
Last Modified: 2012-05-12
Can IIS be configured to give access only from certain IPs?

How secure is this? If a user spoofs an IP can this be overridden?

Does this effect DNS?

Can you give me basic instruction on how to do this?
0
Comment
Question by:sam1492
6 Comments
 
LVL 3

Expert Comment

by:Krypton-IT-Solutions
ID: 36522281
Hello, you can go into IIS and right click the site in question, and go to properties and then directory security. Not sure about spoofing and I'm sure anything can be bypassed if you have the no how but this IP restriction should help you.

http://support.microsoft.com/kb/324066

Regards
[advertising signature removed - modguy]
0
 
LVL 9

Expert Comment

by:tanujchandna
ID: 36522282
Hi,

Please refer the following article url for the same:

http://learn.iis.net/page.aspx/159/configuring-remote-administration-and-feature-delegation-in-iis-7/

If you want to restrict website to a specific range of IP address the refer the following article url:

http://forums.iis.net/t/1153158.aspx
0
 
LVL 11

Accepted Solution

by:
Sanjay Santoki earned 500 total points
ID: 36522543
Hi Sam,

You can IP based access for any website as said by first post. Basically this is a kernel filter that will load at the kernel level when IIS service start. The connection for the web request will come to the server and IIS will reject it if it is not in allowed list.

It is more secure if you are going to allow only few IP addresses. Also, it will block access through spoofing at some instant.

In respect of DNS, you don't need to do anything.

Thanks,
Sanjay Santoki
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 

Author Comment

by:sam1492
ID: 36522705
If I have multiple sites on one server, can i still select only one or 2 sites to restrict access?
0
 
LVL 3

Expert Comment

by:Krypton-IT-Solutions
ID: 36522975
Yes you can select just the site from within the console. So expand the groups to see your site "my site" etc and right click/properties/directory security... Repeat for each site! You can restrict complete access to the IIS server itself if you wish by applying the settings a level up.

Regards
[advertising signature removed - modguy]
0
 

Author Closing Comment

by:sam1492
ID: 37294575
Did not fully solve the issue
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Configure IIS to process JSON 10 80
Unable to download certificate from server https://localhost/CertSrv or http://localhost/Certsrv 17 90
System Analysis 5 58
Web site error 3 41
Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question