How to block back-end web page only for users out side the Organization within IIS RSS

3 replies

Last post Feb 13, 2020 05:48 AM by Yuk Ding

  • How to block back-end web page only for users out side the Organization within IIS

    Feb 12, 2020 09:07 AM|HemaMallikarjunarao|LINK

    Hi Every one,

    We have web site running on IIS 8.0 in Windows Server 2012 and has multiple pages and sub directories in it and they will accessed by the user within and out side the organization, We have business requirement to block particular web page being accessed by the users out side the organization. 

    For Example:

    Let say web site called www,example.com and has subset www.example.com\test, we would like to block "test" page for out side user at the same it should be accessible to the users with in the organization. Is this something that is possible with in IIS?

    Your help and guidance much appreciated here. 

    Thanks,

    Hema Mallikarjunarao

  • Rovastar Rovastar

    5417 Posts

    MVP

    Moderator

    Re: How to block back-end web page only for users out side the Organization within IIS

    Feb 12, 2020 03:26 PM|Rovastar|LINK

    If you have a static range of IPs that the internal organization use you can setup a URLrewrite rule to restrict those IPs to a given folder.

    Troubleshoot IIS in style
    https://www.leansentry.com/
  • Re: How to block back-end web page only for users out side the Organization within IIS

    Feb 12, 2020 03:33 PM|HemaMallikarjunarao|LINK

    HI Rovastar, 

    Yes, I do have static IP ranges, may be couple of sub nets that internal users uses. 

    Do you have any procedure or article to setup URL rewrite on IIS for those static range of IP's, I guess it should "allow" for those static range of IP's and Deny for rest. Is that correct? 

  • Re: How to block back-end web page only for users out side the Organization within IIS

    Feb 13, 2020 05:48 AM|Yuk Ding|LINK

    Hi HemaMallikarjunarao,

    You may need some help to restrict IP address with regex expression.

    This rule is an example about how to create block rule. It will allow  the internal ip segement 192.168.x.x and block the rest ip addresses.

    <rule name="block rule" stopProcessing="true">
    <match url="^test" />
    <action type="AbortRequest" />
    <conditions>
    <add input="{REMOTE_ADDR}" pattern="192\.168\.[0-9]+\.[0-9]+" negate="true" />
    </conditions>
    </rule>

    If the reply is helpful, it is appreciated if you could mark it as answer.

    Best Regards,

    Jokies Ding

    Yuk Ding

    MSDN Community Support
    Please remember to "Mark as Answer" the responses that resolved your issue.