mardi 6 janvier 2015

Block ASP.NET health check page to specific IPs

I have an ASP.NET MVC application hosted in a Windows 2008 Server with IIS 7.5 in a AWS instance. That application has a health page, something like http://ift.tt/13VHEpI


That health check page exposes some info we don't want to make public but it is pretty useful for us. So I would like to block that page to all IPs but an specific range (my corporate network). I can think on several ways of limiting the access



  1. Block IPs in the C# code (reading IP ranges from web.config)

  2. Somehow use IP and domain restrictions in IIS to block IPs (Is it possible?)

  3. Use AWS ACL to somehow block IPs to a given page (Is it possible?)


My questions are



  • Are options 2) and 3) possible?

  • Is there any other way of blocking a page to certain IPs?

  • What option do you recommend?


Regards, Oscar





Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)