I want to restrict access to my MVC project to a predetermined set of IP addresses. It should be quick and easy to add or remove IP addresses, possibly through an admin-interface on the webpage.
Which way would be best to implement this? Do i have to set the restriction in the web.config?
You can set this in IIS, no need to do this specifically in ASP.NET MVC.
See MSDN on a complete how to do this.
If you do want to do this in MVC on a fine grained way for specific actions for example, you can create an own FilterAttribute to determine if the ip address for that action is authorized.
