How to handle access when using IP addressRSS

3 replies

Last post Jul 31, 2020 02:12 AM by Jalpa Panchal

  • How to handle access when using IP address

    Jul 29, 2020 09:31 PM|dimagow|LINK


    Hey guys!<br>
    <br>
    Need some help here. How to handle the page access when the user uses the IP address instead of the dns name?<br>
    <br>
    For instance my page is this https://www.mypage.com working fine and has the public IP address 200.200.200.200.<br>
    <br>
    If I type https://200.200.200.200 it works.<br>
    <br>
    I would like to prevent this from happening. Redirect to the dns name or even deny the access should be fine either way.<br>
    <br>
    Any experience in how to handle this? I have few scenarios where I have aws ELB in front of IIS servers.<br>
    <br>
    Thanks!
  • Re: How to handle access when using IP address

    Jul 30, 2020 06:43 AM|Jalpa Panchal|LINK

    Hi,

    To implement your requirement you have to install IP and domain restriction feature of iis and URL rewrite module.

    Url Rerwite download link:

    https://www.iis.net/downloads/microsoft/url-rewrite

    By using below rule you can only allow the users to access by using IP and if user tries to use site using IP address it will show the access denied error:

    <rule name="RequestBlockingRule1" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
                        <match url="*" />
                        <conditions>
                            <add input="{HTTP_HOST}" pattern="192.168.*" />
                        </conditions>
                        <action type="CustomResponse" statusCode="403" statusReason="Forbidden: Access is denied." statusDescription="You do not have permission to view this directory or page using the credentials that you supplied." />
                    </rule>
                    <rule name="RequestBlockingRule2" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
                        <match url="*" />
                        <conditions>
                            <add input="{HTTP_HOST}" pattern="example.com" negate="true" />
                        </conditions>
                        <action type="CustomResponse" statusCode="403" statusReason="Forbidden: Access is denied." statusDescription="You do not have permission to view this directory or page using the credentials that you supplied." />
                    </rule>

    By using below rule it will redirect user to the domain name if they type IP address:

    <rule name="Ip redirect" stopProcessing="true">
                        <match url="(.*)" />
                        <conditions>
                            <add input="{HTTP_HOST}" pattern="192.168.1.12" />
                        </conditions>
                        <action type="Redirect" url="http://example.com/{R:1}" />
                    </rule>

    Reference links:

    https://docs.microsoft.com/en-us/iis/get-started/whats-new-in-iis-8/iis-80-dynamic-ip-address-restrictions

    Regards,

    Jalpa

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue.
    If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.
  • Re: How to handle access when using IP address

    Jul 30, 2020 08:26 PM|dimagow|LINK

    Hi Jalpa,

    Thanks for the information and details.

    So the first rule will work as a firewall? Filtering the source IP address? (users' IP address?) So in my case I don't need this. It is fine to have ANY to hit the web page.

    For the second rule looks like to be what I'm looking for. If the user types in the browser the IP address it will redirect to the DNS name of the page, correct?

    Just to make sure I understood.

    If the second rule is what I'm looking for - The example below given by you. The ip address 192.168.1.12, is this the ip address of my IIS local network interface? If I have 3 different servers, so 3 different IPs, I have to add only 1 IP for that server? So server A config will have IP 192.168.1.12, server B config will have IP 192.168.1.13, server C config will have IP 192.168.1.14?

    Thank you!

    <rule name="Ip redirect" stopProcessing="true">
                        <match url="(.*)" />
                        <conditions>
                            <add input="{HTTP_HOST}" pattern="192.168.1.12" />
                        </conditions>
                        <action type="Redirect" url="http://example.com/{R:1}" />
                    </rule>
  • Re: How to handle access when using IP address

    Jul 31, 2020 02:12 AM|Jalpa Panchal|LINK

    could you please share what is your site bindings? what it shows when you type the URL https://200.200.200.200

    for your information below is my site bindings:

    so when I type IP address it will redirect o the hostname:

    Fell free to let me know if you still have any questions. 

    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue.
    If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.