Solved

Blocking external access to a WebFolder and stopping IIS reacting to internal server name

Posted on 2016-09-26
2
54 Views
Last Modified: 2016-09-26
Hi

I have a website installed on a local server (attached).

I am trying to restrict access to the Admin folder using the ip address and domain restrictions option but when i set it up.

Default deny and allow 192.168.1.0/24 is denys for everyone.

Also i need to stop the website responding to the local server name and only the external name so that the ssl works correctly.

Can i just stop the server responding to the local name rather than having to put a forward in?

thanks
1.jpg
0
Comment
Question by:timb551
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 28

Accepted Solution

by:
Dan McFadden earned 500 total points
ID: 41815936
Can you post the site's bindings?  The image posted does not provide enough useful info.

My guess is the site binding is using the wildcard configuration for the IP binding, which allows IIS to respond to any http request that hits the server.  What you need to do is to choose the specific IP that the server is to answer on when a user requests a page.

Then you need to edit the IP Address and Domain Restrictions feature associated with the virtual Application and set the Feature Settings to by default Deny access for unspecified clients, then add a specific Allow rule for the IP address range you mentioned above.

Is this server directly visible from the Internet or does it sit behind a NAT'ed Public IP or a load balancer?

Dan
0
 

Author Comment

by:timb551
ID: 41816002
Fantastic, thanks.

I changed the site to be just on the ipv4 rather than * and the restrictions have started working and i can no longer browse on the local server name.

thank you
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question