<ipSecurity> in web.config

Question

question

MartinStabrey-9736 asked Oct 15, '21 YijingSun-MSFT commented Oct 25, '21

<ipSecurity> in web.config

We're wanting to restrict access to a folder called "unicol" on our web site. Only one IP address should be able to access this folder.
Will the below web.config on the root folder of our web site do the trick? Is there anything that we need to add or leave out?

Thank you.

Mart

 <?xml version="1.0" encoding="UTF-8"?>
 <configuration>
     <system.webServer>
         <directoryBrowse enabled="false" />
         <defaultDocument>
             <files>
                 <clear />
                 <add value="default.aspx" />
             </files>
         </defaultDocument>
         <httpErrors errorMode="DetailedLocalOnly" existingResponse="Auto" />
     </system.webServer>
    
   <location path="unicol">
     <system.webServer>
       <security>
         <ipSecurity allowUnlisted="false">
           <clear />
           <add ipAddress="xx.xx.xx.xx" allowed="true" />
         </ipSecurity>
       </security>
    </system.webServer>
   </location> 
    
 </configuration>

dotnet-aspnet-general dotnet-aspnet-webforms

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 1 · 2021-10-18T06:35:16.91Z

YijingSun-MSFT answered Oct 18, '21 YijingSun-MSFT commented Oct 19, '21

Hi @MartinStabrey-9736 ,
As far as I think,you need create a new web.config file in your unicol file instead of the root folder.

Best regards,
Yijing Sun

If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 4

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MartinStabrey-9736 · Oct 18, 2021 at 07:17 AM

Thank you.

So besides putting the code into a web.config inside the specific folder and then removing the <location> section, would everything else appear okay in this web.config example?

0 ·

YijingSun-MSFT MartinStabrey-9736 · Oct 18, 2021 at 09:35 AM

Hi @MartinStabrey-9736 ,

would everything else appear okay in this web.config example?

Do you want to show these codes?

 <system.webServer>
          <directoryBrowse enabled="false" />
          <defaultDocument>
              <files>
                  <clear />
                  <add value="default.aspx" />
              </files>
          </defaultDocument>
          <httpErrors errorMode="DetailedLocalOnly" existingResponse="Auto" />
      </system.webServer>

Best regards,
Yijing Sun

0 ·

MartinStabrey-9736 YijingSun-MSFT · Oct 18, 2021 at 09:45 AM

I don't know? Do we? Don't we? :-)
As you can see, I know nothing about web.config files.
Thanks for you help.

0 ·

Show more comments

Answer 2 · 2021-10-19T07:55:07.88Z

MartinStabrey-9736 answered Oct 19, '21 YijingSun-MSFT commented Oct 21, '21

Thank you. That makes sense. We have removed those sections.

We now have added this very basic web.config to the folder in question:

<?xml version="1.0"?>
<configuration>

  <system.webServer>
    <security>
      <ipSecurity allowUnlisted="false">
        <clear />
        <add ipAddress="102.182.255.11" allowed="true" />
      </ipSecurity>
    </security>
 </system.webServer>

</configuration>

Why would we be receiving the 500.19 error. Is it something to do with the configuration of the server at our web presence provider?

screenshot-2021-10-19-095311.jpg (166.6 KiB)

· 3

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

YijingSun-MSFT · Oct 20, 2021 at 02:32 AM

Hi @MartinStabrey-9736 ,
Blocking access to a certain folder can be set after deploying to IIS. There is no need to create a new web.config under the folder to configure ipsecurity. IPsecurity can only be configured in the applicationhost.config file. So find the file and add a paragraph:

 <location path="site name/unicol">
 <system.webServer>
 <security>
 <ipSecurity allowUnlisted="false">
 <add ipAddress="102.182.255.11" allowed="true" />
 </ipSecurity>
 </security>
 </system.webServer>
 </location>

Best regards,
Yijing Sun

0 ·

MartinStabrey-9736 YijingSun-MSFT · Oct 20, 2021 at 08:17 AM

This is great. Thanks. I assume I can add the paragraph anywhere in the applicationhost.config file?

0 ·

YijingSun-MSFT MartinStabrey-9736 · Oct 21, 2021 at 02:15 AM

Hi @MartinStabrey-9736 ,
There is a default web site in the location path property. I suggest you could add this under the default web site.

Best regards,
Yijing Sun

0 ·

microsoftteams-image.png (28.2 KiB)

Answer 3 · 2021-10-21T07:16:04.783Z

MartinStabrey-9736 answered Oct 21, '21 YijingSun-MSFT commented Oct 25, '21

Thank you for your time. Appreciated!

· 2

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MartinStabrey-9736 · Oct 22, 2021 at 01:03 PM

Hi. Out if interest, what is blazor webassembly/wwwroot

Mart

0 ·

YijingSun-MSFT MartinStabrey-9736 · Oct 25, 2021 at 07:21 AM

Hi @MartinStabrey-9736 ,
Do you have solved the problem of ipsecurity? If you have the new problem,you could post a new thread. It will make more community experts to find your problems.
Best regards,
Yijing Sun

0 ·

question