Hello,

The easiest way would be to create a simple redirect in the Global.asax.cs file in the method Application_BeginRequest where you would filter out and redirect ip addresses which aren't inside your company network. Or you can disable the CMSDesk entirely and manage the content only through content staging with the CMSDisableAdministrationInterface settings key in the web.config.

Best regards,
Boris Pocatko

Bumping a pretty old post... here's how I'm going about it in version 6, without writing any custom code.

In web.config, I changed the following key:

<forms loginUrl="CMSPages/logon.aspx" defaultUrl="Default.aspx" name=".ASPXFORMSAUTH" timeout="60000" slidingExpiration="true" />

to:

<forms loginUrl="CMSPages/admin/logon.aspx" defaultUrl="Default.aspx" name=".ASPXFORMSAUTH" timeout="60000" slidingExpiration="true" />

So, I'm re-routing the login page to a specific directory. Now, in the CMSPages directory, create a directory named "admin", and move logon.aspx and logon.aspx.cs inside it. Edit logon.aspx, and modify the following line:

<%@ Register Src="../CMSAdminControls/UI/System/RequireScript.ascx" TagName="RequireScript" TagPrefix="cms" %>

to:

<%@ Register Src="../../CMSAdminControls/UI/System/RequireScript.ascx" TagName="RequireScript" TagPrefix="cms" %>

Next, within kentico, modify the login page as shown here: http://devnet.kentico.com/Forums.aspx?forumid=45&threadid=25974. This step may be optional as I think this may be only for secured pages within your website, but I've done it anyway.

Finally, within IIS, add an IP based restriction to the CMSPages/admin folder.
http://support.microsoft.com/kb/324066/en-us

Kentico Admins - any thoughts?