Hi,
I'm scratching my head trying to think of a way to resolve this filtering rule issue.
In IIS I have some integration web services on port 443 that I want just one external "VIP" client IP address to access
I also have another interface on port 444 (example) that I want to allow the world to access
I only want the world to be able to access the url https://hostname:444/folder/healthcheck.svc/getstatus1 on port 444
How do I create a set of rules that allows the one VIP client to access any path on port 443 https://hostname/* yet on port 444, clients can only request that one specific url
There's a specific reason for using a non-standard 444 port, but its irrelevant to the technical issue I'm trying to solve. I'm trying to get around some limitations of Microsoft azure's iaas front end.
If I had to move the public access interface to HTTP on port 80 or even a whole different web site on the same server, that's a possibility as well.
Some of the challenges I'm seeing are:
- URL Always allow and Deny rules apply to the whole server, while Filtering Rules are web site specific.
- The devs placed their solution folders straight in the root folder
eg
https://hostname/solution1/services....
https://hostname/solution2/services....
if they had've put all the solution folder in a higher level esb folder, then this may have been easier to manage. But this can't be changed now.
eg
https://hostname/esb/solution1/services....
https://hostname/esb/solution2/services....