How to Block an IP Address from Using a DNN Site

DNN > How To

How to Use a Web.config File to Block Specific IP Addresses from Using a DNN Site

This solution gives the client the ability to manage the blocks without directly touching IIS. It involves adding a section to the web.config. The example piece of code has been tested and verified to work in IIS 7.

  1. Log into your Control Panel.
  2. Open your web.config file. See How to Access Your Web.Config.
  3. Locate the system.webserver section of your web.config file.
  4. Add the appropriate lines based on the IP address(es) you're wanting to block.
  5. Save the web.config which will recycle the application pool and block access to the IP addresses specified.
<system.webserver>
 
<modules>   
 
</modules
 
<handlers>
 
</handlers>  
 
<security>
   <ipSecurity allowUnlisted="true">    <!-- this line allows everybody, except those listed below -->           
       <clear/>     <!-- removes all upstream restrictions -->               
       <add ipAddress="125.16.119.23"/>     <!-- blocks the specific IP of 125.16.119.23  -->               
       <add ipAddress="83.116.119.0" subnetMask="255.255.255.0"/>     <!--blocks network 83.116.119.0 to 83.116.119.255-->               
       <add ipAddress="83.116.0.0" subnetMask="255.255.0.0"/>     <!--blocks network 83.116.0.0 to 83.116.255.255-->               
       <add ipAddress="83.0.0.0" subnetMask="255.0.0.0"/>     <!--blocks entire /8 network of 83.0.0.0 to 83.255.255.255-->               
   </ipSecurity>
</security>
<validation validateIntegratedModeConfiguration="false" />
</system.webserver>
 

If you get a 500 error. Please check IIS -> CLOUDIMAGE -> Feature Delegation to make sure that the IP Address and Domain Restrictions are set to Read/Write and not Read Only.

If you are a shared hosting customer, please contact support to have make the change in IIS.
 

Add Feedback