View Single Post

Default Configuring Web Services Firewall IP Address Restrictions

  #1  
Old December 22nd, 2011, 03:39 PM
Dale John M.'s Avatar
Dale John M. Dale John M. is offline
Administrator
 
Join Date: Oct 2006
Posts: 82
Dale John M. is on a distinguished road
When setting up web services, it is a security best practice to restrict access to the iMIS SOA/Web Services "EntityService.svc" file to only the servers you want to give access to web services.

To add these restrictions while still allowing GoLightly's servers to connect to your web services, here is example code for web.config to filter by a range (allowing connection from all of GoLightly's network IP addresses, included below):

HTML Code:
<location path="EntityService.svc">
    <system.webServer>
        <security>
            <ipSecurity allowUnlisted="false">
            <add ipAddress="127.0.0.1" allowed="true" />
            <add ipAddress="38.127.224.111" subnetMask="255.255.255.0" allowed="true" />
            <add ipAddress="69.46.106.171" subnetMask="255.255.255.0" allowed="true" /> 
            <add ipAddress="204.178.115.1" subnetMask="255.255.255.0" allowed="true" />
            </ipSecurity>
        </security>
    </system.webServer>
</location>
See also "Restricting services access through IP address" in the iMIS 20-300 documentation.

Last edited by Dale John M.; August 4th, 2016 at 07:24 AM..
Reply With Quote