How to allow only a specific set of web pages accessible over internet using IIS?

Question

I have a website with 10 web pages(aspx). I want to allow only 5 pages accessible over internet and all other over Intranet. I am using IIS 8. Is there a way with out using any security or Login features.

This question does not seem to be programming related and probably isn't suited for Stack Overflow — musefan, Jun 30 '15 at 15:16

score 0 · Answer 1 · edited May 23 '17 at 12:14

At IIS level you would could split out the sites into public and private with bindings on different IP addresses. You could then use firewall rules or maybe IIS IP restrictions to achieve this (set IIS to grant access to specific IP address mask)

However it can be fairly easy to setup in your application by using the <location> element in the web.config to handle separate authentication and authorization schemes for different pages. Make sure you have windows auth setup as per https://stackoverflow.com/a/360717/1165140

<configuration>
   <location path="Internet.aspx">
      <system.web>
         <authorization>
            <allow users="?"/>
         </authorization>
      </system.web>
   </location>
   <location path="Intranet.aspx">
      <system.web>
          <authentication mode="Windows"/>
          <authorization>   
              <allow users="?" /> 
          </authorization>
      </system.web>
   </location>
</configuration>

How to allow only a specific set of web pages accessible over internet using IIS?

1 Answers1