发表新帖
发表新帖

Is it possible to configure a location in Web.config to only allow local connections

后端 未结
关注
5 669
余生分开走
余生分开走 2020-11-30 08:57

I\'ve got a page in an ASP.Net app (its Mvc actually but not important) and I would like to only allow connections to this page from the local machine. I would love to do s

相关标签:
5条回答
  • 粉色の甜心
    2020-11-30 09:17

    I found this to be helpful as well, if you want to specify a range of IP addresses. You can add the following code block to you web.config

    <system.webServer>
    <security>
        <ipSecurity allowUnlisted="false">
            <clear/>
            <add ipAddress="95.110.115.0" subnetMask="255.255.255.0"/>  
            <!--blocks range 95.110.115.0 to 95.110.115.255-->    
            <add ipAddress="95.110.0.0" subnetMask="255.255.0.0"/>      
            <!--blocks range 95.110.0.0 to 95.110.255.255-->    
            <add ipAddress="95.0.0.0" subnetMask="255.0.0.0"/>          
            <!--blocks range 95.0.0.0 to 95.255.255.255-->  
        </ipSecurity>
    </security>
</system.webServer>
    0 讨论(0)
  • 面向向阳花
    2020-11-30 09:23

    You could create your own configuration section that would be part of your web.config and then use the setting to control the behavior in global.asax Session_Start.

    0 讨论(0)
  • 余生分开走
    2020-11-30 09:25
    1. Invent a non-DNS alias for the machine, i.e. "PrivateHostName".
    2. Set this value in the local hosts file to point to 127.0.0.1.
    3. Set a (IIS) host header for the web site such that it only responds to requests to address "PrivateHostName".
    4. For all local calls use the private host name.

    Remote clients will not be able to resolve the host name.

    You could secure it more using a dedicated ip address tied to a virtual network adapter which would not actually respond to external requests.

    0 讨论(0)
  • 不思量自难忘°
    2020-11-30 09:34

    This isn't what you asked for, but you could specify users of  the local machine. I can't imagine this is practical unless it's a small number of users you're wanting to authorize.

    <location path="resources">
  <system.web>
    <authorization>
      <allow users="LOCALMACHINENAME\UsernameOfTrustedUser"/>
      <deny users="*"/>
    </authorization>
  </system.web>
</location>
    0 讨论(0)
  • 故里飘歌
    2020-11-30 09:35

    You can ask IIS to restrict access to a resource by IP address from within the Web.config:

    <location path="resources">
  <system.webServer>
    <security>
      <ipSecurity allowUnlisted="false">
        <clear/>
        <add ipAddress="127.0.0.1"/>
      </ipSecurity>
    </security>
  </system.webServer>
</location>

    More info

    EDIT: As Mike pointed it out in the comment below, this requires the IP and Domain Restrictions module to be installed. Thanks Mike!

    0 讨论(0)
 看不清?
提交回复
热议问题