13

I have a web application, in which a web service resides in a folder. The whole web application can be accessed from anywhere, while the web service should only be accessed from certain IP addresses. I can't separate them and take the web service into another IIS web site, thus I need to restrict the access to the web service, while it resides in that web site. However, I have no limitation in creating virtual directories. What should I do? Can I do it at all?

To understand the scenario better, suppose that the domain of the website is www.sample.com, and every address on this website is accessible to all the Internet. For example, www.sample.com\path1 and www.sample.com\path2 are browsable by everyone and every IP address out there.

But the address of the web service www.sample.com\services\user.asmx should only be accessed from certain IP addresses, like 217.218.192.50 && 107.50.27.30 for example.

How can I achieve this configuration in IIS7?

Saeed Neamati
  • 35,341
  • 41
  • 136
  • 188

1 Answers1

19

OK, what a simple action it was.

Simply select the folder in IIS7, and from the right hand, select IP Address and Domain Restrictions (which if is not visible, must be reached via Features View tab).

Now, you can allow or deny any single IP address, or a range if IP addresses from seeing or not seeing your folder, and anything inside it.

Saeed Neamati
  • 35,341
  • 41
  • 136
  • 188
  • I dont have that IP Address and Domain Restrictions icon in my features view or anywhere else. I heard that it is a (windows) feature that must be enabled somewhere first but I can't seem to find how or where... Any ideas? – Ghlouw Feb 15 '12 at 13:16
  • What version of IIS you're using? I think it's a new feature. Maybe you should test with IIS7 or IIS7.5. – Saeed Neamati Feb 15 '12 at 14:12
  • 2
    I'm using IIS7.5. I eventually found out that I could add this feature with the Web Platform Installer - that's usually the easiest way to add things to IIS. :) – Ghlouw Feb 23 '12 at 10:02
  • @SaeedNeamati Was there a way to do this in the web.config? For some reason I cannot do this with a folder that I am trying to restrict access to... – Bobi Mar 30 '17 at 06:30
  • In case anyone else is still looking for it: https://www.iis.net/downloads/microsoft/dynamic-ip-restrictions – jerhewet Nov 09 '17 at 22:42