How to allow only specific IPs to certain URLs of the project

Question

I'm rather new to IIS run projects so might not be getting every aspect here.

We are running a web application with a lot of projects inside a solution. The only project that is used inside virtual directory is a Web project. Now, I need to restrict access to a certain URL Sequence and allow that for only several specific IP addresses. The project that runs code based on that URL is outside main virtual directory and that project is being compiled as dll files.

I've tried to add a new web.config with restrictions inside the project in question, but that didn't take any effect. The below example doesn't allow IP restrictions, only whole path.

    <security>
      <requestFiltering>
        <denyUrlSequences>
          <add sequence="/MyUrl" />
        </denyUrlSequences>
      </requestFiltering>
    </security>

And adding location is only for the current virtual directory, as I understood.

What is a good way to add IP-specific restrictions to that URL? Can it be done in a general web.config file?

Answer 1

You can use URL rewrite module and this rewrite rule to prevent specific IP from reaching specific URL.

Here a demo for you as a reference:

<rule name="test" stopProcessing="true">
      <match url="(.*)" />
         <conditions>                     
             <add input="{REMOTE_ADDR}" pattern="xxx.xxx.xxx.xxx" />
         <add input="{URL}" pattern="^/MyUrl" />
      <action type="CustomResponse" statusCode="401" statusReason="permission required" statusDescription="Access is denied due to invalid credentials." />
 </rule>