IP Security in IIS Express

  • Article

If you're building an Azure website and you want to add IP security, there are quite a few blog posts about how to make that happen. I'm just going to summarize them here for you.

  1. In your web.config, add a new element under configuration/system.webServer. The new element is security and underneath is ipSecurity. You can read up on all the various settings, but it could look something like this.
    <security>
    <ipSecurity allowUnlisted="false">
    <add allowed="true" ipAddress="127.0.0.1" /> <!-- For local debugging -->
        <add allowed="true" ipAddress="x.x.x.x" /> <!-- Fill in the IPs or ranges that you want to allow -->
    </ipSecurity>
    </security>
  2. This should work fine if you deploy your Azure website, but if you want to run locally in IIS Express, you'll need to do a few more things. First, open an admin command prompt and run: "%programfiles%\IIS Express\appcmd.exe" unlock config /section:system.webserver/security/ipSecurity
  3. Modify your csproj and make sure that it has this:  <UseGlobalApplicationHostFile>true</UseGlobalApplicationHostFile>. By default that element is empty.

Now you should be able to build and run locally in IIS Express.