IIS Block IP Setting

We have two Web Server one for internal another for external. Now we consider let two into one. The main site will be opened a limited specific IP range, but some of the other sites will be opened to the public.

How to

1.Add Features- IP and Domain Restriction

After installed, It will show the icon in the root or subsites.
2.Setting IIS Root access from Allow to Deny.

3.IIS Root against specific IP range to open.e.g.The mask of the example as 255.255.255.0 it means from192.168.2.0~255 can be accessed.


4.Opening to the public by specific sites.
Due to IIS Root has setting the deny. All of the sites will inherit this setting. After subsite modify its settings then it will base on a subsite. Therefore, it can be satisfied our request the deny is default but some allow.

All of the settings are stored in the IIS config file.
%windir%\System32\inetsrv\config\applicationHost.config

Above-mentioned, all of the settings processes also can be executed by Powershell.
$value = @{allowed="true";ipAddress="192.168.0.1";subnetMask="255.255.255.0"}
#1.Setting Root Site as deny
Set-WebConfigurationProperty -Filter /system.webserver/security/ipsecurity -Name allowUnlisted -Value $false
#1.1 Setting Root Site denyAction as NotFound
Set-WebConfigurationProperty -Filter /system.webserver/security/ipsecurity -Name denyAction -Value 'NotFound'
#2.Root Site add Allow Ip
add-webconfiguration /system.webServer/security/ipSecurity  -value $value -pspath IIS:\
$SiteName = "ConnIIsLab-PRD"
#3.Setting Sub Site as Allow
Set-WebConfigurationProperty -Filter /system.webserver/security/ipsecurity -Name allowUnlisted -Value $true -Location $SiteName


Customized Error Page

The default of the DenyAction is Forbidden. It will response the status code 403.503. We can show our custom message to the client.

1.It can only be set the root site. I try to set the subsites but somehow it will show the wrong page.

2.It will show the detail error at localhost. To see the effect the setting need to choose to Custom error page.After testing finished, you must be let the setting back.


Reference



Popular posts from this blog

Jenkins-Parameterized Build Sub-flow

SQL Server pass parameter to Procedure

Stopping TypeScript Compile to accelerate debugging