IIS 7 and Above
How to restrict a IIS7 web site to a specific range of IP address?
Last post Aug 23, 2012 09:32 PM by smason
Nov 17, 2008 09:26 PM|garyfuhr|LINK
How to restrict a IIS7 web site to a specific range of IP address? Want to restrict a web site to only local (internal) IP addresses. TIA, gary.
Nov 18, 2008 12:04 AM|CarlosAg|LINK
One easy way is to use IP Restrictions:
Make sure to mark the "Access for unspecified clients" to Deny in the "Edit Feature Settings..." dialog
Nov 18, 2008 01:42 AM|garyfuhr|LINK
okay, that appears to be what I'm looking for. However ...
1. It's not clear how to setup the IP address range. It seems you have to enter 192.168.1.0 with a mask of 255.255.255.0 to allow IP addresses in the 192.168.1.x range, correct?
2. Also, it appears a "deny" is required. How to set a deny range for all public IP addresses? "*" for all does not work.
Nov 18, 2008 07:28 AM|garyfuhr|LINK
1. It seems my assumption on how to setup IP address range is correct. Don't see a way to block 10 IP addresses within the range if required, other than entering each one. Luckily the whole range will do.
2. Missed this point ... solves this issue.
>> Make sure to mark the "Access for unspecified clients" to Deny in the "Edit Feature Settings..." dialog
Oct 13, 2010 04:20 AM|jason2k|LINK
This is a server level configuration.
Is it possible if I only wish to restrict a range of IP address for one particular website and another range of IP address for another website on the same server?
May 05, 2012 06:49 AM|varung4|LINK
You can follow the same steps given in
http://technet.microsoft.com/en-us/library/cc730889.aspx post after selecting the site you want to set the rule for.
May 09, 2012 10:52 PM|murph1329|LINK
no you can't
Management Service is only for the server node in IIS. It will not show up on web site feature views. Basically it's an all or nothing setting which is.....stupid.
The OP wanted to restrict a web site to an IP or range of IPs, so the post marked as answered is wrong.
May 16, 2012 06:12 PM|hrb|LINK
Because we employ a network load balancer an IP based solution will not work for me so instead I would like to be able to do the same thing in a different way:
I would like to restrict access by the request domain name (ex:
restrict access by the request domain name and only for a single folder (ex:
Is this possible?
thanks in advance...
May 30, 2012 07:23 PM|evaporated|LINK
Aug 23, 2012 09:32 PM|smason|LINK
I was able to apply the restrictions to a single web site on the server. These instructions work well for that too -- just select the web site and click on the IP Address and Domain Restrictions feature from there.