问题描述

我在一个ASP.Net应用（其实际上的mvc，但并不重要）得到了一个网页，我想只允许从本地机器到这个页面的连接。我很乐意做这样的事情在Web.config中：

I've got a page in an ASP.Net app (its Mvc actually but not important) and I would like to only allow connections to this page from the local machine. I would love to do something like this in Web.config:

<location path="resources"><system.web><authorization><allow ips="local"/></authorization></system.web></location>  

我知道这是可能的页面code进行简单的检查背后（或控制器）和its甚至有可能只是IIS配置，但我会爱一个Web.config的配置，因为这将是我认为最完美的解决方案。任何人都知道这是可能的？

I know this is possible with a simple check in the page code behind (or controller) and its even possible just with IIS configuration but I would love a Web.config config as this would be the most elegant solution in my opinion. Anyone know if this is possible?

感谢

圭多

推荐答案

您可以要求IIS来从Web.config中通过IP地址限制对资源的访问：

You can ask IIS to restrict access to a resource by IP address from within the Web.config:

<location path="resources">
  <system.webServer>
    <security>
      <ipSecurity allowUnlisted="false">
        <clear/>
        <add ipAddress="127.0.0.1"/>
      </ipSecurity>
    </security>
  </system.webServer>
</location>

编辑：迈克在下面的评论指出了这一点，这需要安装的IP地址和域限制模块。感谢迈克！

As Mike pointed it out in the comment below, this requires the IP and Domain Restrictions module to be installed. Thanks Mike!

这篇关于是否有可能在Web.config中配置一个位置只允许本地连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！