Restrict access to a specific URL, running on IIS7 / ASP.NET
Posted
by frankadelic
on Stack Overflow
See other posts from Stack Overflow
or by frankadelic
Published on 2010-06-10T20:33:32Z
Indexed on
2010/06/10
20:43 UTC
Read the original article
Hit count: 274
I am deploying a public ASP.NET website on an IIS7 web farm.
The application runs on 3 web servers and is behind a firewall.
We want to create a single page on the website that is accessible only to internal users. It is primarily used for diagnostics, trigger cache expiry, etc.
/admin/somepage.aspx
What is the best way to control access to this page? We need to:
- Prevent all external (public) users from accessing the URL.
- Permit specific internal users to access the page, only from certain IPs or networks.
Should this access control be done at the (a) network level, (b) application level, etc.?
© Stack Overflow or respective owner