Restricting environment access IPV6


A client has given me an IPv6 to add into the restrictions sections of the web.config 

For all Ipv4 we have followed this article : 

How can i add an IPv6 to this 

Thanks in advance

May 13, 2019 12:20

Rather than using url rewrite to restrict access to the sites, you could maybe make use of the ipSecurity configuration element.

My understanding is that although the documentation suggests it only supports IPv4, IPv6 addresses can be used too -

<ipSecurity allowUnlisted="false">
    <add ipAddress="" allowed="true" />
    <add ipAddress="" subnetMask="" allowed="true" />
    <add ipAddress="2001:4898:2a:5:c4ad:9291:22b1:c870" subnetMask="ffff:ffff::" allowed="true" />
</ipSecurity >

If the above doesn't work for you, you could always add some custom logic into Application_BeginRequest to test the IPs and return the response you require.

Edited, May 13, 2019 17:07

Thank you Tom, I was unfamiliar with this approach it defintly looks a lot neater and can use CIDR by the looks of it. :) 

Edit: I dont believe this will work on an Azure Web App 

Edited, May 14, 2019 15:18

I believe Azure web apps have their own restrictions -

May 14, 2019 16:12

Yup they do Tom although Episerver do not allow access to this section as part of the Azure Access, thus recommending the approach in my original article and using rewrites. 

May 14, 2019 16:16

Ahh I didn't realise you didn't have that access. I think if none of the configuration approaches work you may need to write some code to process the requests. I've done something similar in the past making use of the Application_BeginRequest to test the IP against a list of IPs defined in config and return a 404 if they don't match. 

May 15, 2019 16:06
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.