Thursday 4 February 2010

Restricting Website Access By IP Address in IIS7 - IPRestriction Module

In IIS5 and IIS6 it was pretty straight forward to control access to a website using the directpry security and adding rules into the IP Access Rules.

I came to do this on IIS7 today and it took me a good half hour to find out how to do it so here is a quick run down!

First off you need to enable the IPRestriction module by going into the server roles and adding it.

Next restart your IIS administration console (as the new module doesnt seem to appear until you do).

Next reopen your IIS7 admin console and select the website you want to apply the restriction.

Select the IP4 Address and Domain restriction module.

Add the IP address you want to allow/deny.

IMPORTANT - next you need to set the default rule to apply to unspecified clients.

Simply right click in the IPRestriction module where you added the IP address and select edit feature settings. From there set the default rule to deny if you want to restrict all IP's apart from the ones you specified.

And that is job done!

IIS7 does seem to mash ones head in a bit until you get your head around how it all hangs together.