We are implementing a version of HelpSpot for our HR department and I have been asked to restict access to the admin.php page to a particule subnet or VLAN but allow the customer portal to be publicly accessable. HelpSpot is installed on an MS IIS server but it appears that index.php and admin.php reside in the same folder so this has become more of a challenge. Any ideas how I may be able to accomplish this?
Sorry for the delay in the forums, I think we’re working with you on this via a request though.
For others who may find this thread we don’t have a recommended way to do this, but it certainly seems like it should be possible! Some research shows that it may be doable via file permissions. IIS guru’s are welcome to chime in.
Everyone, all I can say is that IIS 7.5 (not sure about 7.0) is completely diferent in how it works compared to IIS6. So for those of you who want to know your options of resticting access to a particular web page in IIS7.5 (server 2008R2) this is what I can tell you.
You could use URL Authorization to control URL access for the different resources see: http://learn.iis.net/page.aspx/142/understanding-iis-70-url-authorization/ (I couldn’t get this to work the way I wanted it to but I didn’t know this existed) very cool feature though!
You could configure Web server permissions for Web content in IIS:
http://support.microsoft.com/kb/313075 (IIS7.5 permissions work differently than IIS6, I didn’t spend much time on this but it wouldn’t work for me the way I have configured IIS6 NTFS permissions in the past).
You can use IP Address and Domian Restriction at the file level in IIS7.5, in IIS6 you could only do this at the folder level. So what I ended up doing was allowing the whole HelpSpot web site public access with the exception of admin.php, it’s restricted to our VLAN or subnet.
Just and FYI
Awesome, thanks for the update here Shaun!