Home > Archive > ASP > October 2006 > Restrict access by ip
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Restrict access by ip
|
|
| Ted Boyd 2006-10-30, 6:57 pm |
| I have an ASP page that I want to allow access from only from a certain
block of address, can someone get me started?
| |
| McKirahan 2006-10-30, 6:57 pm |
|
"Ted Boyd" <screamer48@hotmail.com> wrote in message
news:ORA5ne15GHA.4064@TK2MSFTNGP03.phx.gbl...
> I have an ASP page that I want to allow access from only from a certain
> block of address, can someone get me started?
Is it a list or a range of valid IP Addresses?
If a list then try this:
<%
Dim arrIPA(2)
arrIPA(0) = "1.2.3.4"
arrIPA(1) = "11.22.33.44"
arrIPA(2) = "111.222.333.444"
Dim strIPA
strIPA = Join(arrIPA,"^")
Dim strRSV
strRSV = Request.ServerVariables("REMOTE_ADDR")
If InStr(strIPA,strRSV) > 0 Then
'.............. IPAddress is valid ................
End If
%>
| |
| Evertjan. 2006-10-30, 6:57 pm |
| McKirahan wrote on 04 okt 2006 in
microsoft.public.inetserver.asp.general:
> "Ted Boyd" <screamer48@hotmail.com> wrote in message
>
>
> Is it a list or a range of valid IP Addresses?
>
> If a list then try this:
>
> <%
> Dim arrIPA(2)
> arrIPA(0) = "1.2.3.4"
> arrIPA(1) = "11.22.33.44"
> arrIPA(2) = "111.222.333.444"
> Dim strIPA
> strIPA = Join(arrIPA,"^")
> Dim strRSV
> strRSV = Request.ServerVariables("REMOTE_ADDR")
> If InStr(strIPA,strRSV) > 0 Then
> '.............. IPAddress is valid ................
> End If
> %>
Not very safe, as it would allow:
181.2.3.4
211.2.33.44
etc.
Try:
Dim arrIPA(3)
arrIPA(0) = "1.2.3.4"
arrIPA(1) = "11.22.33.44"
arrIPA(2) = "111.222.333.444"
Dim strIPA
strIPA = "^" & Join(arrIPA,"^") & "^"
Dim strRSV
strRSV = "^" & Request.ServerVariables("REMOTE_ADDR") & "^"
If InStr(strIPA,strRSV) = 0 Then session.abandon : response.end
===
Even then I would think "REMOTE_ADDR" can be manipulated
in the client request stream.
--
Evertjan.
The Netherlands.
(Please change the x'es to dots in my emailaddress)
| |
| Dave Anderson 2006-10-30, 6:57 pm |
| Ted Boyd wrote:
> I have an ASP page that I want to allow access from only
> from a certain block of address, can someone get me started?
Use the IIS console. View properties on the resource, and select the [File
Security] or [Directory Security], as appropriate. Click the [IP Address and
Domain Name Restrictions] button.
--
Dave Anderson
Unsolicited commercial email will be read at a cost of $500 per message. Use
of this email address implies consent to these terms.
| |
| Ted Boyd 2006-10-30, 6:57 pm |
| Thanks to all...
Ted
| |
|
| who do you do it if it's a block of ip??
---
Posted via DotNetSlackers.com
|
|
|
|
|