iis | security | aspnet

IP Security - Configure IP address restrictions in Web.Config on IIS

by Abhith RajanJanuary 09, 2018 · 1 min read · Last Updated:

When your website is using some kind of proxy/firewall just like Sucuri to increase the security, you need to make sure that only the allowed ones are accessing the site directly, so that all the requests to the site is going through the firewall.

To ensure this, we use the IP security feature in IIS, in which we can configure which IP’s are allowed.

1<system.webServer>
2 ...
3 <security>
4 <ipSecurity allowUnlisted="false">
5 <clear />
6 <add ipAddress="-.-.-.-" subnetMask="-.-.-.-" allowed="true" />
7 <add ipAddress="-.-.-.-" subnetMask="-.-.-.-" allowed="true" />
8 <add ipAddress="-.-.-.-" subnetMask="-.-.-.-" allowed="true" />
9 <add ipAddress="-.-.-.-" subnetMask="-.-.-.-" allowed="true" />
10 </ipSecurity>
11 ...
12 </security>
13</system.webServer>

In the above code, we set allowUnlisted attribute to false to prevent access to all IP address unless they are listed. And then we add the allowed IP addresses one by one. eg.

1<add ipAddress="192.168.134.0" subnetMask="255.255.254.0" allowed="true" />

Additional Resource

Written by Abhith Rajan
Abhith Rajan is an aspiring software engineer with more than 7 years of experience and proven successful track record of delivering technology-based products and services.
Buy me a coffee

Was this article helpful?

Your opinion matters

Please share your thought about this article

This page is open source. Noticed a typo? Or something unclear?
Improve this page on GitHub

Related Posts

Related Videos

How to use Azure Bastion to connect securely to your Azure VMs | Azure Friday

How I Hacked 30 Mobile Banking Apps (And The Future of API Security)

An Illustrated Guide to OAuth and OpenID Connect

Related Stories

Related Services

SmarterASP.net - Unlimited ASP.NET Web Hosting

ASP.NET Hosting by SmarterASP.net. Unlimited ASP.NET Hosting Plans Starting at $2.95 a month.