Configuring your Internet server to grant or deny access to a specific source IP address or subnet mask is a simple procedure in Internet Information Server. And it provides a very effective first-level barrier against unauthorized users.
Û To configure the Internet Information Server IP settings
1. In the Internet Service Manager, choose the service. From the Properties menu, click Properties, and then click Service Properties. Click the Advanced tab. (For an example, see Figure 1.2.)
2. In the IP Address box, type the IP address or subnet mask to which you want to grant or deny access, then click Add.
3. Select Denied Access or Granted Access, then click OK.
Figure 1.2 Using the Advanced tab of the WWW Service Properties dialog box to grant or deny access
Although you can set access control for each Internet service by specifying an IP address, you cannot do so for individual virtual directories. If you need to set IP address restrictions on an individual virtual directory, you must either design an ISAPI filter or purchase one from a third party. An ISAPI filter can examine the request source's Uniform Resource Locator (URL), mapped directory path, or source IP address, and then grant or deny access to the virtual directory. For more information, see "Using ISAPI Security Functions," later in this chapter.