1

I have two WCF services host in IIS: PublicService.svc and PrivateService.svc. The IIS server has two Ethernet adapter (for internet and local network).

How can I make the PrivateService.svc available only in local network by configuration file? Or there is simplest way to restrict access to PrivateService.svc from internet?

I don't wan't to change code so hope that I can found a simple way to do what I need by change s in configuration file.

Thanks

langtu
  • 1,198
  • 1
  • 10
  • 23

1 Answers1

1

Just make the local binding(127.0.0.1 or localhost) or concrete IP addres of the local network adapter(192.168..). In this way your services won't be accessible from external network.

Daniil Novikov
  • 440
  • 4
  • 8
  • Thanks Daniil. But how to make local binding? I try to change address field in endpoint to local IP (192.168..) but the PrivateService.svc cannot activation. – langtu Feb 21 '12 at 13:10
  • Address field means an address after PrivateService.svc(e.g. PrivateService.svc/mex, PrivateService.svc/etc.). Try to use baseAddresses(http://msdn.microsoft.com/en-us/library/ms788995.aspx) in your service configuration. Also, if you host services using application(website), you can simple bind the related website to a localhost(127.0.0.1). – Daniil Novikov Feb 21 '12 at 13:22
  • I still cannot make PrivateService.svc access only from local network. The baseAddress is ignored because the services host in IIS (http://stackoverflow.com/questions/56249/wcf-service-configuration-file-question-regarding-baseaddresses). And I still want the PublicServices.svc still available across internet. – langtu Feb 21 '12 at 14:32
  • ok. here my test server configuration. I'm using WCF for my project. Here binding: http://tinypic.com/view.php?pic=c6g4x&s=5. Here add reference test: http://tinypic.com/view.php?pic=281atud&s=5. As you can see there no svc on this address 192.168.13.2, but if I change binding from 127.0.0.1 to 192.168.13.2, I will be able to see the svc mex at 192.168.13.2. My WCF configuration you can see here http://xenta.codeplex.com/SourceControl/changeset/view/068ddfd6bf36#trunk%2fSrc%2fHst%2fIisHost%2fWeb.config. Section related to AuditApi service. – Daniil Novikov Feb 21 '12 at 14:52
  • Thanks Daniil. I know your idea. But changing binding in IIS doesn't resole my problem because PublicService.svc and PrivateService.svc both exist in one web application. If I change the binding to local address in IIS, the PublicService.svc will be unavailable too :(. – langtu Feb 21 '12 at 15:42
  • Ok. Sorry, I didn't catch this issue. Maybe you may try to play with virtual directories with different web.config. – Daniil Novikov Feb 21 '12 at 15:49