Go back to the Delta Guide Home Page. Download this article as a PDF file.
IIS enables you to restrict the sites that users can visit by the hostname, domain name or IP address or range that they use. This can be useful if you want to host sites on a machine that handles both public and private traffic. For example, you wouldn't want your intranet to be accessible from the outside world.
IIS handles this through a system of discretionary access controlyou must either
Deny all sites and provide specific access to a list of sites or IP addresses that can access the directory or Web site
or
Allow all sites and deny specific sites or hosts that you do not want to have access to your machine
For example, if you choose to deny all and then only accept requests from mcslp.com, only hosts whose addresses map to that domain will be granted access to your siteall other users will be restricted.
Alternatively, if you allow all connections, but list mcslp.com, members of the mcslp.com DNS domain will be able to access your site.
To define the access control for a given directory or site
If you want to limit access for the entire site, select the Web site from the list of different served sites in the panel on the left. If you only want to limit access for a specific directory, choose the directory you want to control.
Right-click on the Web site or director and point to Properties.
Select the Directory Security panel.
If you want to limit access to a specific set of sites but deny it to all others, select Denied Access.
If you want to allow all clients by default but exclude a specific list of clients, select Granted Access.
To update the list of hosts or domains in the Except list, click Add.
To add a single computer to the list, click Single computer. Enter the IP address into the box and click OK.
To add a range of computers within a specific address range, click Group of Computers. Enter the IP address for the network and the subnet mask for the desired network range and click OK.
To add computers by their identified domain name, click Domain name. Enter the domain name.
Click Properties to open the extended properties dialog box. Enter the domain name and click OK.
Click OK to accept the security settings.
Note: Using Domain name restrictions puts a heavy load on the server because it has to perform a reverse DNS lookup for each request to check the host's registered domain name. Try to use an IP address or network range where possible.
Go back to the Delta Guide Home Page. Download this article as a PDF file.