Iis – Block directory access in IIS but allow specific file through

iisweb.config

Is it possible to block access to a directory through the web.config in IIS (excluding a small set of IPs) but allow through one specific file for everyone.

The reason I ask, I want to block the wp-admin directory in WordPress but the admin-ajax.php does need to be externally accessible.

Thanks.

Best Answer

For future reference, this was the solution:

<location path="wp-admin">
    <system.webServer>
        <security>
            <ipSecurity allowUnlisted="false">
    <clear/> 
                <add ipAddress="ipaddr" allowed="true" />
            </ipSecurity>
        </security>
    </system.webServer>
</location>

<location path="wp-admin/admin-ajax.php">
    <system.webServer>
        <security>
            <ipSecurity allowUnlisted="true">
            </ipSecurity>
        </security>
    </system.webServer>
</location>

Best Answer

Related Solutions

Iis – Access IIS Admin without local administrator rights

Iis – Enable Windows Authentication on website, allow only some users

Related Topic