I have an ASP.NET 2.0 application that I am deploying to an IIS 6.0 web server. My ASP.NET application is being deployed as a virtual directory. Currently, this ASP.NET application is publicly visible on the internet. However, I need the ASP.NET application to run only inside of my corporate firewall.
How do I configure my application so that individuals outside of my company canNOT access/use the web application?
Thank you,
I would do one of the following:
if your app is standalone
1: create separate site for your application with DNS host name that is internal
if not
2: apply security to your virtual directory (windows auth can be seamless)
I suggest,
Use the corporate firewall to block all external requests to this IIS server. Consult your IT guys, as that's quite easy for them to do that for you.
Or use IP policy in IIS Manager to allow internal IP range but block all others. This is simply a workaround, which has worse performance than 1.
Probably a question best suited for ServerFault but you will need to have an IP address that is only internally viewable from the corporate firewall. You probably have an IT department so ask them for a internal only IP address and then assign the IP address they give you in IIS.
Related
Assuming a Windows Server 2012 VPS:
It seems that many tutorials include the setting up of DNS Server (setup of forward lookup zones, and A record) as part of the basic steps to deploy and run an ASP.NET web application on IIS.
I'm slightly confused, because within IIS manager you can set the bindings ( IP address, URL, SSL, port) of a web application. Wouldn't this alone not suffice to correctly route incoming requests to the correct web application?
What would be the advantage to running DNS Server?
IIS Manager can only manage IIS related Windows settings, but to make a site work you need much more settings than that.
DNS settings are critical to direct web browsers to your side. Nobody uses IP addresses to access a site, so a typical URL uses domain name. That requires DNS to translate the domain name to an IP address so that browsers can send HTTP packets to the proper location.
IIS Manager could not manage that for you, as which DNS product to use or how to configure it is usually vendor specific and out of IIS's scope.
We have developed a web application to display sensitive information over our company's intranet. We had initially planned to implement sufficient security to allow remote access via the intranet to the application through a browser. But, due to an unforeseen requirements from our security team, we have decided not to allow remote access. We would still like a small number of users to be able to access the application, so here's the question. How can you host a web application in IIS visible only to users logged into the hosting machine? (The machine is both the host of the web app, and the only machine where the web app would be visible.)
I'm relatively new to IIS, so please speak as plainly as possible.
It seems like their must exist some setting in IIS to limit incoming and outgoing requests to the current machine.
It's possible to block all IP addresses with the following:
Which can be found in IIS 7 at this location:
I developed an asp.net (2.0) intranet Application for local network in an organisation..
so we have 10 systems every one should access that site by ://192.xxx.x.xx/xyz(website name) ...
so now their requirement is not to type total ip adress.they need just by typing ://xyz they have to browse the intranet application..how to solve this issue..?
Thanks
Veduru
Go to every one of this 10 computers, and in this directory
c:\WINDOWS\system32\drivers\etc\
find the host file and add the conversion of ip to name as
192.168.1.10 xyz
etc
and then you can access the site as http://xyz
Talk to your network admin about setting up a DNS entry for your application in the local DNS server. If you have multiple web sites running on your web server, look into configuring IIS host headers to ensure the users get directed to the proper web application.
Please do not manually edit the hosts file on each machine unless it is absolutely, positively necessary, and only do so as a last resort. When your 10-machine application expands to 100, or if your server IP ever changes, you will thank me later :)
I have application..its runnning on my localhost.. i need one more machine to access that application.. but when in tht link i type my IP address instead of localhost.. it showing cannot find server.. can you plz tell me steps what i need to do in orderr to access appplication to other machine.. as such there is no UAT server as of now...
First off, make sure your firewall allows access through port 80.
Then, check if your IIS allows access from outside IP's.
I can help more if you provide this:
Your OS (XP, Windows 7, etc)
the local link to your app. Is there a port number needed to access the app?
LaterEdit: Ok, then you need to do this:
Now, your app will be served by IIS on port 80 (default). Check your firewall to allow traffic through this port.
If you IIS is set for another port, then use that one.
Checking the port in IIS:
I'm going to assume that you are running the application from Visual studio which allows the localhost to run.
In order for your application to be available to other machines on the network, you have to ensure that IIS is installed on your development machine and then a website is set up for that application as well.
The application existing in IIS is what will make it accessible across your network.
I have a situation very similar to the one in this question:
Selective Cache clearing across load balanced servers (ASP.Net)
The difference is that due to our hosting configuration, I am unable to address individual servers by IP address. Assuming I cannot access specific servers via web requests, is it possible to access the HttpContext of a web application running on the same machine? I'm thinking I could accomplish this with a windows service that I could address by machine name, or alternately a console application, I just don't know if I can gain access to the web application cache either way.
You can expose content of the WebCache of an app through some Remoting/WCF code built into the web app. I hope you can use localhost to access it from an app on the same box.