Allow or deny IP access to a specific IP address through web.config

You can restrict IP address to accessing your site by adding the code in your site's web.config file and put that file into the particular directory which you want to protect from access. The web.config file is in XML format so you have to add a <security> tag to allow or deny any IP address. Please follow the below steps to block IP address via web.config file for your asp.net app.

A sample code to block specific IP address and Allow all IP:

<security>
<ipSecurity allowUnlisted="true"> <!-- line allows everyone, except below IP-->
<clear/>
<add ipAddress="127.0.0.1" allowed="true"/>
<add ipAddress="xxx.xxx.xxx.xxx"/> <!-- blocks the specific IP -->
<add ipAddress="xxx.xxx.xxx.0" subnetMask="255.255.255.0"/> <!--blocks network xxx.xxx.xxx.0 to xxx.xxx.xxx.255-->
</ipSecurity>
</security>

Sample Code to deny all and allow specific IP address:

<security>
<ipSecurity allowUnlisted="false"> <!-- line blocks everyone, except below IP -->
<clear/>
<add ipAddress="127.0.0.1" allowed="true"/>
<add ipAddress="xxx.xxx.xxx.xxx" allowed="true"/> <!-- allow the specific IP of xxx.xxx.xxx.xxx -->
<add ipAddress="xxx.xxx.xxx.0" subnetMask="255.255.255.0" allowed="true"/> <!--allow network xxx.xxx.xxx.0 to xxx.xxx.xxx.255-->
</ipSecurity>
</security>

Note: You can add the above code to your already created web.config file after <system.webServer> tag or you can also create a new web.config file in the particular direction which you want to protect.

To create a new web.config file in the text editor you have to add the below code. As this file is an XML file then you have to start with XML tag. Your new web.config file looks like this.

<?xml version="1.0"?>
<configuration>
<system.web>
.. text ..
</system.web>
<system.webServer>
<security>
<ipSecurity allowUnlisted="true"> <!-- line blocks everyone, except below IP -->
<clear/>
<add ipAddress="xxx.xxx.xxx.xxx"/> <!-- blocks particular IP -->
<add ipAddress="xxx.xxx.xxx.0" subnetMask="255.255.255.0"/> <!--block network xxx.xxx.xxx.0 to xxx.xxx.xxx.255-->
</ipSecurity>
</security>
<modules runAllManagedModulesForAllRequests="true"/>
</system.webServer>
</configuration>
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

SQL server- network related or instance-specific error happened while connection establishing

  Instance-specific or network related error happening while connecting to SQL server   Please...

OleDB connection string examples

OleDB connection string examples MS Access (Jet) "PROVIDER=Microsoft.Jet.OLEDB.4.0;DATA...

Do you allow custom COM components?

Do you allow custom COM components? We are not offering to install the custom COM components...

Error when accessing a WCF services

Error when accessing a WCF services Error when accessing a WCF service: "IIS specified...

How to cache static contents to client with UseMaxAge?

You can consider to caches static contents to the client with UseMaxAge if your website has too...

Powered by WHMCompleteSolution