Forgive my lack of IIS experience, but I have a user on a hosted server running IIS with Plesk. He uses protected folders, and I'm looking for a way to:
- Allow him to protect folders using a simple username/password combo
- Whitelist a static IP so the folder can always be accessed without auth from that server
It doesn't have to—and preferably wouldn't be—a Plesk-only solution. If there's a way to do it through web.config that would be even better.
I'm basically looking for the IIS equivalent of an Apache htaccess/htpasswd auth 🙂
Thanks!
Best Answer
There may be another way, but simply you can
- create a local user under Windows,
- add them to a local user group,
- remove anonymous access to the folder containing the web site and
- change file permissions to only allow access to members of the local user group
For the IP whitelist, there doesn't appear to be a way to override basic auth by IP address.
Its a bit of a kludge, but you could point a separate virtual site to the same directory and lock it down to nothing other than the local IP. Perhaps use host header to select the new site