2025-04-27 07:49:33 -04:00

149 lines
5.1 KiB
HTML

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=Windows-1252">
<TITLE>IPDeny</TITLE>
<SCRIPT LANGUAGE="JavaScript">
<!--
TempString = navigator.appVersion
if (navigator.appName == "Microsoft Internet Explorer"){
// Check to see if browser is Microsoft
if (TempString.indexOf ("4.") >= 0){
// Check to see if it is IE 4
document.writeln('<link rel="stylesheet" type="text/css" href="/iishelp/common/coua.css">');
}
else {
document.writeln('<link rel="stylesheet" type="text/css" href="/iishelp/common/cocss.css">');
}
}
else if (navigator.appName == "Netscape") {
// Check to see if browser is Netscape
document.writeln('<link rel="stylesheet" type="text/css" href="/iishelp/common/coua.css">');
}
else
document.writeln('<link rel="stylesheet" type="text/css" href="/iishelp/common/cocss.css">');
//-->
</script>
<SCRIPT LANGUAGE="VBScript">
<!--
Sub Window_OnLoad()
Dim frmContents
On Error Resume Next
If Not Parent Is Nothing Then
Set frmContents = Parent.Contents
If Not frmContents Is Nothing Then
frmContents.Window.TOCSynch_Click
End If
End If
End Sub
//--></SCRIPT><META NAME="DESCRIPTION" CONTENT="Internet Information Services reference information">
<META HTTP-EQUIV="PICS-Label" CONTENT='(PICS-1.1 "<http://www.rsac.org/ratingsv01.html>" l comment "RSACi North America Server" by "inet@microsoft.com <mailto:inet@microsoft.com>" r (n 0 s 0 v 0 l 0))'>
<META NAME="MS.LOCALE" CONTENT="EN-US">
<META NAME="MS-IT-LOC" Content="Internet Information Services">
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H3><A NAME="_k2_ipdeny"></A><SUP></SUP>IPDeny</H3>
<P>You can use the <B>IPDeny</B> property of the <A HREF="/iishelp/iis/htm/asp/aore0ard.htm"><B>IIsIPSecurity</B></A> object to edit lists of IP addresses, held in an array, that are not allowed access to the server.</P>
<H6>Syntax</H6>
<P><I>SecObj</I>.<B>IPDeny</B> = <I>"IPAddress,SubnetMask"</I></P>
<P><I>varIPDeny = SecObj</I>.<B>IPDeny</B> </P>
<H6>Parameters</H6>
<DL>
<DT><I>SecObj</I></DT>
<DD>An IIS Admin Object of type <B>IIsIPSecurity</B>.<BR>
</DD>
<DT><I>IPAddress</I></DT>
<DD>This is a specific IP address you want to deny access to the server.</DD>
</DL>
<P><I>SubnetMask</I></P>
<P>This is the subnet mask for the specified IP address.</P>
<H6>Code Example</H6>
<P><CODE>&lt;% </CODE></P>
<P><CODE>&nbsp;&nbsp;' Remember to enable Integrated Windows Authentication and </CODE></P>
<P><CODE>&nbsp;&nbsp;' disable Anonymous Access or you will get and Server 500 error.</CODE></P>
<P><CODE>&nbsp;&nbsp;Dim SecObj </CODE></P>
<P><CODE>&nbsp;&nbsp;Dim MyIPSec</CODE></P>
<P><CODE>&nbsp;&nbsp;Dim IPList</CODE></P>
<P><CODE>&nbsp;&nbsp;</CODE></P>
<P><CODE>&nbsp;&nbsp;' Get the IIS object that holds the info for the default site.&nbsp; </CODE></P>
<P><CODE>&nbsp;&nbsp;' This could be any site root/vdir, or IIS://LocalHost/W3SVC for global&nbsp; </CODE></P>
<P><CODE>&nbsp;&nbsp;' properties.</CODE></P>
<P><CODE>&nbsp;&nbsp;Set SecObj = GetObject("IIS://LocalHost/W3SVC/1/Root") </CODE></P>
<P><CODE>&nbsp;&nbsp;</CODE></P>
<P><CODE>&nbsp;&nbsp;' Get the IIsIPSecurity object</CODE></P>
<P><CODE>&nbsp;&nbsp;Set MyIPSec = SecObj.IPSecurity</CODE></P>
<P><CODE>&nbsp;&nbsp;' Make sure GrantByDefault=TRUE or your changes will not count&nbsp; </CODE></P>
<P><CODE>&nbsp;&nbsp;If (FALSE = MyIPSec.GrantByDefault) Then</CODE></P>
<P><CODE>Response.Write </CODE></P>
<P><CODE>&nbsp;&nbsp;"&lt;BR&gt;GrantByDefault was not TRUE.&nbsp; Setting to TRUE.&lt;BR&gt;"</CODE></P>
<P><CODE>MyIPSec.GrantByDefault = TRUE</CODE></P>
<P><CODE>&nbsp;&nbsp;End If</CODE></P>
<P><CODE>&nbsp;&nbsp;' Get the Deny list, as an array, and add your new restricted IP</CODE></P>
<P><CODE>&nbsp;&nbsp;IPList = MyIPSec.IPDeny</CODE></P>
<P><CODE>&nbsp;&nbsp;Redim IPList (Ubound(IPList)+1)</CODE></P>
<P><CODE>&nbsp;&nbsp;IPList (Ubound(IPList)) = "123.0.0.1,255.255.255.0"</CODE></P>
<P><CODE>&nbsp;&nbsp;&nbsp;</CODE></P>
<P><CODE>&nbsp;&nbsp;' Set the new lists back in the metabase in two stages, and then set&nbsp;&nbsp; </CODE></P>
<P><CODE>&nbsp;&nbsp;' the metabase</CODE></P>
<P><CODE>&nbsp;&nbsp;MyIPSec.IPDeny = IPList</CODE></P>
<P><CODE>&nbsp;&nbsp;SecObj.IPSecurity = MyIPSec</CODE></P>
<P><CODE>&nbsp;&nbsp;SecObj.Setinfo</CODE></P>
<P><CODE>&nbsp;&nbsp;Response.Write "The IPRestriction has been set&lt;BR&gt;"</CODE></P>
<P><CODE>%&gt;</CODE></P>
<PRE><CODE> </CODE></PRE>
<H6>See Also</H6>
<P><A HREF="/iishelp/iis/htm/asp/aore0hro.htm"><B>IPGrant</B></A>, <A HREF="/iishelp/iis/htm/asp/aore97cp.htm"><B>DomainDeny</B></A>, <A HREF="/iishelp/iis/htm/asp/aore9qpg.htm"><B>DomainGrant</B></A>, <A HREF="/iishelp/iis/htm/asp/aore588k.htm"><B>GrantByDefault</B></A>, <A HREF="/iishelp/iis/htm/asp/aore0ard.htm"><B>IIsIPSecurity</B></A></P>
<hr class="iis" size="1">
<p align="center"><em><a href="../../../common/colegal.htm">&copy; 1997-2001 Microsoft Corporation. All rights reserved.</a></em></p>
</BODY>
</HTML>