CODEWITHSUNDEEP
wcfsecurityazureconfig
Chris
Chris

Reputation: 257

Windows Azure with WCF web role and restricting IPs via web.config

I'm attempting to restrict only certain IP addresses to my Azure hosted WCF service. I have followed both of the instructions listed on the following websites:

http://msdn.microsoft.com/en-us/library/windowsazure/jj154098.aspx

http://blog.elastacloud.com/2011/04/06/restricting-access-by-ip-in-azure-web-role-v1-4/

But I'm still able to access the service from an address that isn't listed. Is there something I'm missing?

Here is the cmd file:

@echo off

@echo Installing “IPv4 Address and Domain Restrictions” feature
%windir%\System32\ServerManagerCmd.exe -install Web-IP-Security

@echo Unlocking configuration for “IPv4 Address and Domain Restrictions” feature
%windir%\system32\inetsrv\AppCmd.exe unlock config -section:system.webServer/security/ipSecurity

And the web.config section:

<system.webServer>
   <security>
   <!-- IP addresses are denied access -->
    <ipSecurity allowUnlisted="false">
        <!--The following IP addresses are granted access -->
        <clear />
        <add allowed="true" ipAddress="x.x.x.x" />
    </ipSecurity>
   </security>
  </system.webServer>

Upvotes: 2

Views: 474

Answers (1)

Chris
Chris

Reputation: 257

Thanks to Rick Rainey I discovered that I could RDP into the web role and run the script manually. I discovered that the first part of the script was failing because the app was running on server 2012. I changed it to:

powershell -ExecutionPolicy Unrestricted -command "Install-WindowsFeature Web-IP-Security"

And now everything works as expected...

Upvotes: 2

Related Questions