Is it possible to configure a location in Web.config to only allow local connections

by

You can ask IIS to restrict access to a resource by IP address from within the Web.config:

<location path="resources">
  <system.webServer>
    <security>
      <ipSecurity allowUnlisted="false">
        <clear/>
        <add ipAddress="127.0.0.1"/>
      </ipSecurity>
    </security>
  </system.webServer>
</location>

More info

EDIT: As Mike pointed it out in the comment below, this requires the IP and Domain Restrictions module to be installed. Thanks Mike!

More Related Contents:

  1. Using different Web.config in development and production environment
  2. How do you modify the web.config appSettings at runtime?
  3. Access-control-allow-origin with multiple domains
  4. Forms authentication timeout vs sessionState timeout
  5. Avoid web.config inheritance in child web application using inheritInChildApplications
  6. How to increase request timeout in IIS?
  7. Which gets priority, maxRequestLength or maxAllowedContentLength?
  8. Setting up connection string in ASP.NET to SQL SERVER
  9. How to set the Default Page in ASP.NET?
  10. ASP.NET web.config: configSource vs. file attributes
  11. How to prevent an ASP.NET application restarting when the web.config is modified?
  12. Error to use a section registered as allowDefinition=’MachineToApplication’ beyond application level
  13. Adding machineKey to web.config on web-farm sites
  14. Difference between and ?
  15. IIS URL Rewrite and Web.config
  16. Reading web.config from JavaScript
  17. ASP.NET: HTTP Error 500.19 – Internal Server Error 0x8007000d
  18. Web Application Problems (web.config errors) HTTP 500.19 with IIS7.5 and ASP.NET v2
  19. HTTP Error 500.19 – Internal Server Error
  20. Escape quote in web.config connection string
  21. What are the Web.Debug.config and Web.Release.Config files for?
  22. Login failed for user ‘NT AUTHORITY\NETWORK SERVICE’
  23. Store String Array In appSettings?
  24. How to encrypt one entry in web.config
  25. Web Config Transform not working
  26. The configuration section ‘system.web.extensions’ cannot be read because it is missing a section declaration
  27. web.config and app.config confusion
  28. Unrecognized attribute ‘targetFramework’. Note that attribute names are case-sensitive
  29. Specify more than one directory in Web.Config’s Location Path element
  30. URL Routing, Image Handler & “A potentially dangerous Request.Path value”

Leave a Comment