开发者

Webservices to IP restriction

I have built a webservices, but it can acce开发者_JS百科ssed by all poeple. I want to it only used by the IP which I assigned. it's possible can do it on the webservices code. I was using vb


You need to be careful if you use only IP to filter requests as this could be spoofed by a hacker. You should also use authentication if this needs to be secure.


Intercept the request at the IIS level by setting a rule to only allow a speicific IP address to access your service. You can find this under IIS > [Site/Service Name] > Properties > Directory Security Tab > IP addresses and Domain Name restrictions.


You could just run a check in each of your Webmethods that the clients IP is correct but as others have said an IP can be spoofed or subject to change so implementing authentication using WSE3.0 may be a better option.

[WebMethod]
public void DoSomething()
{
  if(HttpContext.Current.Request.UserHostAddress == "allowed ip")
  {
    //Your code here
  }
  else
  {
    //Access Denied
  }
}
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜