Menu

Restrict Umbraco CMS By IP Address

Updated: May 7, 2014

Ali Taheri

Here's how to restrict the admin section of Umbraco's website by IP address. The code also works if your server is behind a load balancer. All unauthorised requests will be redirected to the no access page.

Here's what to do: 

  1. Install URL Rewrite module on the server.
  2. Create a page called "no-access" in Umbraco's Content section. Give it any name you like.
  3. If your server is behind the load balancer, use {HTTP_X_FORWARDED} as an input otherwise just use {REMOTE_ADDR}.
  4. Finally, add the following snippet in the web.config in the <system.webServer> section.

* If your IP address is 112.21.55.156, the code will appear as below:

<rewrite>
      <rules>
        <rule name="Restrict URL" enabled="true" stopProcessing="true" >
          <match url="^umbraco($|/(?!surface))" />
          <conditions logicalGrouping="MatchAll">

            <!-- Use REMOTE_ADDR if your server is NOT behind load balancer -->
            <add input="{REMOTE_ADDR}" pattern="^112\.21\.55\.156$" negate="true" /> 

            <!-- Use HTTP_X_FORWARDED_FOR if your server is behind a load balancer -->
            <add input="{HTTP_X_FORWARDED_FOR}" pattern="^112.\21\.55\.156$" negate="true" /> 

           </conditions>
          <action type="Redirect" url="/no-access/" /> 
        </rule>
      </rules>
</rewrite>

Tags

Umbraco
comments powered by Disqus
Previous Post
Next Post

About Me

Ali Sheikh Taheri - Umbraco Level 1 and 2 Certified
My name is Ali Sheikh Taheri and I’m Umbraco level 1 & 2 certified developer and database programmer based in London, England who specialises mainly in the development of websites and applications.

The aim of my website is to share my experiences and difficulties that I have had in programming and development.

Tags

© 2017 - Ali Sheikh Taheri