question

MartinStabrey-9736 avatar image
0 Votes"
MartinStabrey-9736 asked YijingSun-MSFT commented

<ipSecurity> in web.config

We're wanting to restrict access to a folder called "unicol" on our web site. Only one IP address should be able to access this folder.
Will the below web.config on the root folder of our web site do the trick? Is there anything that we need to add or leave out?

Thank you.

Mart


 <?xml version="1.0" encoding="UTF-8"?>
 <configuration>
     <system.webServer>
         <directoryBrowse enabled="false" />
         <defaultDocument>
             <files>
                 <clear />
                 <add value="default.aspx" />
             </files>
         </defaultDocument>
         <httpErrors errorMode="DetailedLocalOnly" existingResponse="Auto" />
     </system.webServer>
    
   <location path="unicol">
     <system.webServer>
       <security>
         <ipSecurity allowUnlisted="false">
           <clear />
           <add ipAddress="xx.xx.xx.xx" allowed="true" />
         </ipSecurity>
       </security>
    </system.webServer>
   </location> 
    
 </configuration>


dotnet-aspnet-generaldotnet-aspnet-webforms
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

YijingSun-MSFT avatar image
0 Votes"
YijingSun-MSFT answered YijingSun-MSFT commented

Hi @MartinStabrey-9736 ,
As far as I think,you need create a new web.config file in your unicol file instead of the root folder.

Best regards,
Yijing Sun


If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 4
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you.

So besides putting the code into a web.config inside the specific folder and then removing the <location> section, would everything else appear okay in this web.config example?

0 Votes 0 ·

Hi @MartinStabrey-9736 ,

would everything else appear okay in this web.config example?

Do you want to show these codes?

 <system.webServer>
          <directoryBrowse enabled="false" />
          <defaultDocument>
              <files>
                  <clear />
                  <add value="default.aspx" />
              </files>
          </defaultDocument>
          <httpErrors errorMode="DetailedLocalOnly" existingResponse="Auto" />
      </system.webServer>

Best regards,
Yijing Sun

0 Votes 0 ·

I don't know? Do we? Don't we? :-)
As you can see, I know nothing about web.config files.
Thanks for you help.

0 Votes 0 ·
Show more comments
MartinStabrey-9736 avatar image
0 Votes"
MartinStabrey-9736 answered YijingSun-MSFT commented

Thank you. That makes sense. We have removed those sections.

We now have added this very basic web.config to the folder in question:

<?xml version="1.0"?>
<configuration>

  <system.webServer>
    <security>
      <ipSecurity allowUnlisted="false">
        <clear />
        <add ipAddress="102.182.255.11" allowed="true" />
      </ipSecurity>
    </security>
 </system.webServer>

</configuration>


Why would we be receiving the 500.19 error. Is it something to do with 141675-screenshot-2021-10-19-095311.jpgthe configuration of the server at our web presence provider?



· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @MartinStabrey-9736 ,
Blocking access to a certain folder can be set after deploying to IIS. There is no need to create a new web.config under the folder to configure ipsecurity. IPsecurity can only be configured in the applicationhost.config file. So find the file and add a paragraph:

 <location path="site name/unicol">
 <system.webServer>
 <security>
 <ipSecurity allowUnlisted="false">
 <add ipAddress="102.182.255.11" allowed="true" />
 </ipSecurity>
 </security>
 </system.webServer>
 </location>

Best regards,
Yijing Sun

0 Votes 0 ·

This is great. Thanks. I assume I can add the paragraph anywhere in the applicationhost.config file?

0 Votes 0 ·

Hi @MartinStabrey-9736 ,
There is a default web site in the location path property. I suggest you could add this under the default web site.
142304-microsoftteams-image.png
Best regards,
Yijing Sun

0 Votes 0 ·
MartinStabrey-9736 avatar image
0 Votes"
MartinStabrey-9736 answered YijingSun-MSFT commented

Thank you for your time. Appreciated!

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi. Out if interest, what is blazor webassembly/wwwroot

Mart

0 Votes 0 ·

Hi @MartinStabrey-9736 ,
Do you have solved the problem of ipsecurity? If you have the new problem,you could post a new thread. It will make more community experts to find your problems.
Best regards,
Yijing Sun

0 Votes 0 ·