尝试保护按IP地址保护的文件夹中的所有aspx文件 [英] Trying to secure all aspx files in a folder secure by IP address
问题描述
我喜欢保护文件夹〜/Secure/中的所有aspx文件的安全,以便特定的IP地址可以访问该文件夹的 aspx 文件.我将以下 web.config 文件添加到该文件夹中,希望将其添加到父 web.config 中:
I like to secure all aspx files in a folder ~/Secure/ secure such that specific IP addresses can access the folder's aspx files. I added the following web.config file to the folder, hoping that it adds to the parent web.config:
<configuration>
<system.webServer>
<security>
<ipSecurity allowUnlisted="false">
<clear/>
<add ipAddress="192.168.100.1" />
<add ipAddress="169.254.0.0" subnetMask="255.255.0.0" />
</ipSecurity>
</security>
</system.webServer>
</configuration>
问题是,当我尝试访问该文件夹中的任何aspx页时,都会出现此错误:
The problem is that I get this error when I try to access to any of the aspx pages in the folder:
此配置部分不能在此路径上使用.当该节被锁定在父级时,会发生这种情况.锁定默认情况下是(overrideModeDefault ="Deny"),或者是由具有overrideMode ="Deny"或旧版allowOverride ="false" 的位置标记显式设置的.
This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".
使这个想法变为现实需要什么?我只想在文件夹中包含一个 web.config 文件,即可执行IP地址授权.我喜欢这个想法,因为它只是无代码和配置.
What does it take to make this idea happen? I like to just include one web.config file to a folder and that enforces the IP address authorization. I like this idea, since it is no-code and config only.
推荐答案
您不能仅在网站web.config中执行此操作.
You cannot do it in the website web.config only.
如果可以使用IIS管理器:打开IIS管理器,找到站点,单击要保护的文件夹,然后单击IP地址和域限制.
If you can use IIS manager: Open IIS Manager, locate the site, click on the folder you want to protect, then click on IP address and Domain Restrinctions.
也请点击右侧操作"面板中的编辑功能设置",为未指定的客户端指定操作(例如,拒绝禁止,或者直接拒绝未找到).
Also click on "Edit feature settings" in the right Actions panel" to specify actions for unspecified clients (i.e. Deny with Forbidden, or simply Deny With Not Found).
这将为您生成正确的配置.
This will generate the right configuration for you.
这篇关于尝试保护按IP地址保护的文件夹中的所有aspx文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
