[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Restrict site access with IIS

Posted on 2011-09-12
6
Medium Priority
?
196 Views
Last Modified: 2012-05-12
Can IIS be configured to give access only from certain IPs?

How secure is this? If a user spoofs an IP can this be overridden?

Does this effect DNS?

Can you give me basic instruction on how to do this?
0
Comment
Question by:sam1492
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 3

Expert Comment

by:Krypton-IT-Solutions
ID: 36522281
Hello, you can go into IIS and right click the site in question, and go to properties and then directory security. Not sure about spoofing and I'm sure anything can be bypassed if you have the no how but this IP restriction should help you.

http://support.microsoft.com/kb/324066

Regards
[advertising signature removed - modguy]
0
 
LVL 9

Expert Comment

by:tanujchandna
ID: 36522282
Hi,

Please refer the following article url for the same:

http://learn.iis.net/page.aspx/159/configuring-remote-administration-and-feature-delegation-in-iis-7/

If you want to restrict website to a specific range of IP address the refer the following article url:

http://forums.iis.net/t/1153158.aspx
0
 
LVL 11

Accepted Solution

by:
Sanjay Santoki earned 1500 total points
ID: 36522543
Hi Sam,

You can IP based access for any website as said by first post. Basically this is a kernel filter that will load at the kernel level when IIS service start. The connection for the web request will come to the server and IIS will reject it if it is not in allowed list.

It is more secure if you are going to allow only few IP addresses. Also, it will block access through spoofing at some instant.

In respect of DNS, you don't need to do anything.

Thanks,
Sanjay Santoki
0
Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 

Author Comment

by:sam1492
ID: 36522705
If I have multiple sites on one server, can i still select only one or 2 sites to restrict access?
0
 
LVL 3

Expert Comment

by:Krypton-IT-Solutions
ID: 36522975
Yes you can select just the site from within the console. So expand the groups to see your site "my site" etc and right click/properties/directory security... Repeat for each site! You can restrict complete access to the IIS server itself if you wish by applying the settings a level up.

Regards
[advertising signature removed - modguy]
0
 

Author Closing Comment

by:sam1492
ID: 37294575
Did not fully solve the issue
0

Featured Post

What’s Wrong with Your Cloud Strategy ?

Even as many CIOs are embracing a cloud-first strategy, the reality is that moving to the cloud is a lengthy process and the end-state is likely to be a blend of multiple clouds—public and private. Learn why multicloud solutions matter in this webinar by Nimble Storage.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question