Using web.config to block content based on IP address
Question
Is it possible to block a specific content based on IP address in web.config, for IIS8?
For example:
<location path="somesite">
<system.webServer>
<httpRedirect enabled="true" destination="redirect/somesite" />
</system.webServer>
</location>
Would it be possible to block a specific entry as above based on IP address, and redirect to a 404 error page of some sort?
2 answers
solution1
1 ACCPTED 2014-06-10 06:26:45
I believe this wont be possible via web.config, though I may be wrong also. However I have successfully used global.asax for doing these kind of nasty stuff. Mind it that you cant be 100% sure about the Ip address, they can be spoofed, so you donowanna use it for security crital task.
Step 1. add a global.asax if you dont have
step 2. create a method as
protected void Application_BeginRequest(object sender, EventArgs e)
{
}
Application_BeginRequest is fired every time a resourse is requested.
Step 3. In this method verify IP address and redirect them where ever you want.
I hope I am clear.
solution2
0 2014-06-10 06:58:54
Take a look at An IP Address Blocking HttpModule for ASP.NET in 9 minutes . It does what you want (404) but keeps ips in a separated file. That makes more sense because changing the web.config every time will lead to an application restart.
And if you want to block IPs on IIS level, see http://technet.microsoft.com/en-us/library/cc730889%28WS.10%29.aspx
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.