How to make website only be able to opened from a specified IP addresses

Question

I have got a website, which i want to be opened from some specified IP addresses. I know how to get ip address in asp.net, but i dont want this check to be perform on page init or in masterpage for again and again.

is it possible to do some settings in web.config or do some stuff with global.asax. so we can control that website to be opened from some specified ip address only and we need not to write the check for this again and again.

i am using express edition of vs2008 for web development

Thanks

EDIT: I just wants to do it by code or using web.config or global.asax. (but i dont wants to write it on page init or masterpage). is it not possible to do some stuff with application_start in global.asax and redirect user to some other url or any other such idea which can me implemented by coder not by iis settings or other settings kind of stuff?

Answer 1

Another approach is through defining ipsecurity section in the web.config

http://www.iis.net/configreference/system.webserver/security/ipsecurity

note: IP and Domain Restrictions is enabled on Azure WebSites http://azure.microsoft.com/blog/2013/12/09/ip-and-domain-restrictions-for-windows-azure-web-sites/

Answer 2

If you don't have access to IIS, one option would be to Write a whitelist HTTPModule. Scott hanselman posted a blacklist HTTPModule on his blog. It would be quite simple to modify this to provide whitelist functionality.

Answer 3

Go to inetmgr >> right click on website >> property

Answer 4

You can restrict access to IPs with IIS. Depending on the version of IIS it's slightly different, but look for Directory Security and denying/granting access.