SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Member
    Join Date
    Apr 2005
    Posts
    5
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    How to block web page access?

    I use the windows 2003 server with IIS 6 and my web pages are created with ASP script.I am trying to block some web pages (not all) that is created only for internal users like an intraweb.To do this, how can i control it and how should i block to prevent access from external users.
    Any suggestion and help appreciated.

  2. #2
    SitePoint Wizard gRoberts's Avatar
    Join Date
    Oct 2004
    Location
    Birtley, UK
    Posts
    2,439
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I suppose what you could do is use server variables ( http_host ) or any other to get the address that the client is calling. If the client it calling localhost or the internal ip address then allow it, otherwise redirect to error page.

    <%

    if Request.ServerVariables("HTTP_HOST") <> "localhost" or _ Request.ServerVariables("HTTP_HOST") <> "192.168.0.1" then
    Response.Redirect("Nooutsideaccess.asp")
    end if

    %>

    Of course your best off creating a script that will output every variable in the server variable list, then read them in every situation, then you can create an if/else statement to denie access.

    I am sure there is an internal access user I know IUSR is IIS's all through user to access the files you want to display, but I think you can put a filter on it.

    Easiest way is not to put these files on a computer that can access the internet, such as block port 80 access going out from that ip address, but when an internal computer connects and requests it shouldn't reach the outside world ( if you have an external firewall that is ).

    Gav



Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •