Deny access to Microsoft Azure Web sites through IP

Several customers asked me if it is possible to restrict access to a Web site on Microsoft Azure, so that only from the company were able to get to it. The truth is that it’s possible to use the ipSecurity section, which allows us to restrict access based on IPv4 addresses and/or domains. It is pretty simple: you only need to specify in the web.config file the following section:

<system.webServer>
  <security>
    <ipSecurity allowUnlisted="false" denyAction="Unauthorized">
      <add allowed="true" ipAddress="83.34.130.241" />
    </ipSecurity>
  </security>
</system.webServer>

The attribute allowUnlisted allows us to decide what should be the behavior for addresses that are not on the list. denyAction has the task of returning the type of error that we choose (Unauthorized, AbortRequest, Forbidden or NotFound). In this case I used Unauthorized, to make it clear that the site has been found, but we have no access. Finally, I add to the list the IP address from which I want to access the website.

Hope this helps.

Happy weekend!