Restrict CMS access by IP address - On Premise – Configurations & Setup - On Premise – Configurations & Setup - Progress Community
 On Premise – Configurations & Setup

Restrict CMS access by IP address

  • Restrict CMS access by IP address
  • In SF 3.x, we could restrict access to the CMS features of Sitefinity by using IIS IP restrictions on the /Sitefinity/Admin folder. It's not obvious how we can accomplish the same thing in Sitefinity 4.

    Is this possible in SF4? If so, how? Is it still using IIS facilities? I've searched the various online resources and the documentation, without luck.

    Thanks,

    Donnie
  • Hi Donnie,

    You should put /Sitefinity in the deny rule. In Sitefinity 4.0 there are no templates exposed in the solution and all files are embedded. You could exclude the Services folder form your rule, since it is used by some of the pubic controls.

    Greetings,
    Ivan Dimitrov
    the Telerik team
  • Suppose I do that - add a "deny" rule to the /Sitefinity folder. What would a user see if he manually tried to go to www.mydomain.com/Sitefinity/Pages page (for example)?

    And do you mean exclude the Services folder (which is under /Sitefinity) from the "deny" rule (thereby "allow"ing access to that folder)?

    Thanks for the prompt response,

    Donnie
  • Hello Donnie ,

    The user will see a screen telling that the location is restricted by IP and it is not accessible. The services folder should not be included under the restriction if this website will be accessed from some public users.

    Best wishes,
    Ivan Dimitrov
    the Telerik team