How to restrict user to login from specific static IP

benyamin jain asked on October 15, 2018 09:40

I want to know how it is possible to restrict predefined users to logoin to live site only from specified static ip address.

IP addresses defined for user when site admin create new user.

Thanks in advance

Correct Answer

David te Kloese answered on October 15, 2018 09:58

Hi,

You want to limit only specific accounts and each to a specific IP? Or can it be a range?

So you either block traffic in web.config to /CMSPages/logon.aspx and /admin to the list. something like this:

https://forums.iis.net/t/1225233.aspx

and add all IP's allowed to logon

If it needs to be specific to some users you'll have to build something custom.

Easiest might be to create a custom Global event handler. And fire your logic before logon Check the following help on setting that up:

0 votesVote for this answer Unmark Correct answer

Recent Answers

Ajeet Kumar answered on October 16, 2018 15:42 (last edited on October 16, 2018 15:47)

select the Enable banned IPs check-box in Settings -> Security & Membership -> Protection.

Then, Open the Banned IPs application. Click New banned IP. Enter the required details.

For more details, you can check here.

0 votesVote for this answer Mark as a Correct answer

benyamin jain answered on October 18, 2018 11:57

@David te Kloese Thanks for response

We have some users (ex: Partners) that have specific role(partners). for this type of users we define their static IP Address and they must only logon from that IP.when they logon from that IP we display some products other than global products that available for public users(products comes from Web service and any order inserted into CRM system using Web Service).

base on the requirements these users must be restricted to one and one static IP.

I think it is better to do it in custom way by using global event handlers and check current user IP with role of partner with specified IP.

0 votesVote for this answer Mark as a Correct answer