I have an ASP.NET application that's made up of several .aspx pages. I want one of those .aspx pages to be accessible by only a certain set of IP开发者_StackOverflows. Is this possible?
I know you can IP whitelist at the website level, but can you IP whitelist for a single URL in an application?
The following resource demonstrates how to detect the client IP in ASP.NET:
http://bytes.com/topic/asp-classic/answers/439176-how-get-clients-ip-address-asp-net
Once you have the IP, load your whitelist from the storage mechanism of your choice, perhaps during an Init event (if in a page), and if the IP fails to match, respond like so (Use HttpContext.Current.Response if not in a page:
if (!mySafeIpList.Contains(clientIP))
{
Response.Clear()
Response.StatusCode = (int)HttpStatusCode.Unauthorized
Response.End()
}
Or, just simply redirect to a valid page:
Response.Redirect("~/Head-Fake.aspx")
I hope this helps.
Unfortunately, I'm pretty sure you can't do it for a single page via IIS (seek Serverfault.com for more details if you want verification), but if you wanted to do it programmatically, you could hook Application_BeginRequest in your global.asax file. Check the request URL and the request IP address against your restrictions, and only allow the request to continue if they pass.
You can always check Request.ServerVariables["REMOTE_HOST"] against your own white list within your app.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论