Admin-Ahead Community

Windows => Control Panels => WebsitePanel => Topic started by: sajugovind on July 19, 2014, 06:47:42 pm

Title: IP Address Restrictions with Web.Config
Post by: sajugovind on July 19, 2014, 06:47:42 pm

If you want to restrict website access to certain IP address, you have to do it in the web.config file. In this article I will give you an updated step-by-step guide on how to blog IP addresses in web.config.

1. Open the web.config file of your ASP application:

2. We will use the <rewrite> tag for this purposes. We will set a forbidden status to any page the blocked IP tries to access. Add this code to your webconfig file:

Code: [Select]

<system.webServer>
        <rewrite>
            <rules>
                <rule name=”Blocked Users” stopProcessing=”true”>
                    <match url=”.*” />
                    <conditions>
                        <add input=”{Bad Ips:{REMOTE_ADDR}}” pattern=”1″ />
                    </conditions>       
                    <action type=”CustomResponse” statusCode=”403″ statusReason=”Forbidden” statusDescription=”Forbidden” />
                </rule>
            </rules>
            <rewriteMaps>
                <rewriteMap name=”Bad Ips”>
                    <add key=”108.166.*.*” value=”1″ />
                    <add key=”12.13.15.16″ value=”1″ />
                </rewriteMap>
            </rewriteMaps>
        </rewrite>
In the code above, First we set a rule to block all URLs to the offending IP address (match url=”.*”). Then we set inside the <condition> tag the <action> to return a 403 Forbidden status. Finally, inside the <rewriteMaps> we add the IP addresses that we want to block.


3. Save your changes and that’s it! Now IP addresses has been blocked:

This concludes IP address Restrictions with Web.Config

Thank you,