This may be a funny title in the beginning, but by the end of it, you will surely know the importance of this!
When would you Block IP Addresses?
There may be some situations in your live environment, that you need to block a certain IP address or some IP addresses, so that they do not generate traffic onto your websites.
Lets say the case is like:
1. Maybe a web crawler is trying to crawl your website and you wanna block that! [You can block a crawler from a Firewall directly, but its also possible from IIS.]
2. Your web application crashed due to some reason unexpectedly, and you want to stop all traffic so that your application can be up stable and running fast.
How to Block IP addresses from IIS?
Well, the blocking IPs differs in IIS 6.0 and IIS 7.5 and hence lets see both of them.
Below, as an example, I have considered the case where we can block all IP addresses from access and allow only one IP address to access our application.
Again, there can be many permutations available to cover a wide range of cases easily and effectively. :)
Blocking an IP address in IIS 6.0
- In IIS 6.0, go to the Website, right-click and select properties.
- In here, select Directory Security.
- Next, Select the option Edit in IP address and domain name restrictions. By default, you will see the below screen
- Select Deny Access to all the IP addresses
Select the Grant Access to a single computer and add the IP address.
Now, if you try to access your application from any computer other than this, than it will deny you!
Thus you have successfully configured the blocking of IP addresses from IIS in 6.0
Blocking an IP address in IIS 7.5
As you might know, IIS 7.5 is very modular and hence in case you want to Block IP Address, then you need to install a Role Service for Web Server(IIS).
This module is called IP Addresses and Domain Restrictions.
- When you install the above specified module, you will be able to see it in the IIS Manager as below:
- On Opening this, you will see as below. In that, select the Option in the Actions Tab, Edit Feature Settings
- You will see the following screen. Select the Option as Deny in Edit IP and Domain Restrictions Settings.
- Next, Add the Allow Entry as follows:
- Now, further, specify the IP address that you want to allow