Restricting Access by IP Address on the Standard Application Server

Description

Access can be restricted to specific IP addresses for your Alpha Anywhere web applications and web services.

Discussion

The Application Server Control Panel allows you to restrict access by IP address on the Access tab. Access can be restricted by either defining a list of disallowed IP addresses or a list of allowed IP addresses. You must explicitly list each IP address. The Application Server does not support wild cards or ranges when specifying the IP address list. If you require this type of IP address blocking control -- or need to define both a list of denied and allowed IP addresses -- you can either use Xbasic to filter access by IP address (read below) or add IP address filtering to your firewall.

It is recommended that all IP address filtering is done using an external firewall. While Alpha Anywhere supports restricting access to specific IP addresses, filtering IP addresses using the Application Server can decrease application performance.

IP Restrictions can be set in the Access settings of the Standard Application Server

To enable IP restrictions, check the Enable box on the Access tab in the IP Restrictions settings. Choose to either Allow or Deny access for the IP addresses listed in the IP Addresses box -- you can only pick one. Add the IP addresses to allow or deny access to the Application Server to the IP Addresses. Then, save your changes. You will need to restart the Application Server for the changes to take effect.

Restricting IP Addresses on a per Page Basis 

Restricting IP addresses using the Access settings in the Application Server is a server-wide configuration. To block (or allow) specific IP addresses at the page level, you can use Xbasic. Add the Xbasic to the top of your restricted pages to check the IP address, which is in the context.request.remote_addr variable. For example, the Xbasic below, when added to an .a5w page, would only allow access by the specified IP address. Anyone else would be redirected to a different page:

<%a5
if context.request.remote_addr <> "1.2.3.4"
    context.response.redirect("/unauthorized.html")
    end
end if
%>

Using Xbasic to implement IP restrictions can result in decreased application performance. It is recommended you use an external firewall to restrict access to your application by IP address.

Restricting Access on IIS and Alpha Cloud 

To restrict access by IP address under IIS, you must use Microsoft's IP Address and Domain Restrictions tool or an external firewall. See Restricting Access by IP Address in IIS for more information.

To restrict access by IP address on Alpha Cloud, see Alpha Cloud Alpha Anywhere Developers Guide Managing Applications or Alpha Cloud Alpha Anywhere Developers Guide Managing Deployments for more information.

Limitations

Standard Application Server Only

See Also