IP Address Restriction


ASP.NET Developer's JumpStart
By Paul D. Sheriff, Ken Getz
Table of Contents
Chapter 31.  Securing Web Services

In a typical server-to-server exchange of information, you will most likely know the IP address of the machine that will be requesting information from your machine. If this is the case, you can restrict your Web site to only accept requests from this IP address. Simply select a Web site in IIS and then open the Properties dialog box. Then, select the Directory Security tab and click the Edit button in the IP Address and Domain Name Restrictions section (see Figure 31.3).

Figure 31.3. Click the Edit button to edit IP addresses you want to restrict.



This technique is only available on computers running server software. That is, it's not available if you're running Windows 2000 Professional, or the Windows XP Professional or Home versions.

When you click the Edit button, you will see a dialog box similar to the one shown in Figure 31.4. This dialog box allows you to choose to grant access to the list of specified IP addresses. You may also choose to deny access to a specified list of IP addresses. This is a somewhat confusing dialog box because you will have a list of both granted and denied IP addresses listed in the list box.

Figure 31.4. This dialog box allows you to grant or deny access to certain IP addresses.


If you have the Granted Access option button selected and then click the Add button, you will be presented with a dialog box in which you enter a single IP address. This IP address will be the only one granted access to this particular Web site. You may add one or many IP addresses to this list, as you want.

If you click the Denied Access option button and then click the Add button, you will be presented with a dialog box like the one in Figure 31.5.

Figure 31.5. You can deny access to one computer, a group of computers, or a specific domain name.


When you choose the Group of Computers option button, you can specify a specific network ID and even a subnet mask, as shown in Figure 31.6. This is a little more flexible and would be ideal for an intranet scenario.

Figure 31.6. Specifying a group of computers is easy with this dialog box.



Although you can also choose a domain name, this requires a reverse DNS lookup operation and can significantly slow down the performance of your Web site.


    ASP. NET Developer's JumpStart
    ASP.NET Developers JumpStart
    ISBN: 0672323575
    EAN: 2147483647
    Year: 2002
    Pages: 234

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net