We can restrict the access to a website using IP addresses or domain name in IIS 7 easily using the “IP and Domain Restrictions” module. Unlike IIS 6, this module is not enabled by default when you install Internet Information Services (IIS). we need to install it. But don’t worry, this can also be done easily through Server Manager.
You can follow the below step by step instruction:-
Enabling the “IP and Domain Restrictions” module
1. Open the Server Manager by selecting the path Start > Administrative Tools > Server Manager.
2. Click “Add Role Services” link to add the required Role. Check the “IP and Domain Restrictions” check box in “Select Role Services” screen and click “Next” to continue and complete the module installation. If the module is already installed, it will show as “installed”.
Configuring the “IP and Domain Restrictions” module
1. Start Internet Information Services (IIS) and open “IP and Domain Restrictions”.
Click to enlarge the image
2. Inside IPv4 Addresses and Domain Restrictions, select “Add Allow Entry” or “Add Deny Entry” to add Allow or Deny entries. You can specify IP address, an IP address range or a Domain Name.
Click to enlarge the image
3. For setting default policy, Click on “Edit feature settings” and select “Allow” or “Deny” as required.
Click to enlarge the image
Note:-
1. Please note that configuring Allow or Deny restrictions using Domain name require reverse DNS look up every time a request arrives the server. Performing reverse DNS lookups is a potentially expensive operation that can severely degrade the performance of your IIS server.
2. IP entries are applied instantly without the need for a restart of the site or iis. The entries are processed in order so if you place deny and allow entries in the wrong order then you may lock the incorrect people out of the website.
Leave a Reply