If you want to restrict website access to certain IP address, you have to do it in the web.config file. The Web.config allows you to restrict access to a page, directory, all sub directories, or even the whole website. In this article I will give you a step by step guide on how to blog IP addresses in web.config
1. Open the web.config file of your project.
2. In the web.config file, open a <security> tag. This MUST to be added inside the <system.webServer> tag:
3. Inside the <security> tag, add the following lines:
Where ‘allowUnlisted‘ means that everybody has access except the IP listed below that line:
4. Inside the <ip security> tag, list the IP addresses that you want to block like this:
5. Save your web.config and that’s it, the IP addresses you want will not be able to access your site or ASP application.
This concludes How to block IP addresses in web.config