Query 1 – Is it possible to change "IP Address and Domain Restrictions" on IIS 7.5 without restarting IIS?
Query 2 – How to invoke some batch file (or executable) every time an ASP.NET worker process is restarted?
We have an ASP.NET MVC site, that we are hosting on an IIS 7.5 server. We need to warm up the site by walking through many of the pages and functionality of the site.
The idea is to implement something like below:
- On every re-start of ASP.NET worker process or IIS, execute a batch file (or executable).
- In the batch file, configure IIS's "IP Address and Domain Restrictions" functionality to serve requests from localhost or
127.0.0.1 only. Deny requests from all other clients. - Next, in the batch file, fire HTTP requests to perform login, navigation, search, add-edit etc. functionality to perform the actual warm up.
- Once the warm up is over, configure IIS's "IP Address and Domain Restrictions" functionality to serve requests from all clients. Ensure that this change does not trigger an IIS reset.
PS: Please note that the IIS warm up module that used to be available at http://forums.iis.net/t/1176740.aspx has been removed since quite some time.
PS: Please see https://stackoverflow.com/questions/7387123/how-to-warm-up-an-asp-net-mvc-application-on-iis-7-5/7387528#7387528 for developer focused query.
Update 1: The following code was built using IIS as per Scott's answer. Unfortunately, calling these methods restart the ASP.NET worker process. How to stop this? BTW, am not posting code for FindElement() routine, as it seems generic in nature.
internal static void AllowOnlyLocalUsers()
{
using (ServerManager serverManager = new ServerManager())
{
Configuration config = serverManager.GetApplicationHostConfiguration();
ConfigurationSection ipSecuritySection = config.GetSection("system.webServer/security/ipSecurity", "MyApplication");
ipSecuritySection["allowUnlisted"] = false;
ConfigurationElementCollection ipSecurityCollection = ipSecuritySection.GetCollection();
ConfigurationElement addElement = ipSecurityCollection.CreateElement("add");
addElement["ipAddress"] = @"127.0.0.1";
addElement["allowed"] = true;
ipSecurityCollection.Add(addElement);
serverManager.CommitChanges();
}
}
internal static void AllowAllUsers()
{
using (ServerManager serverManager = new ServerManager())
{
Configuration config = serverManager.GetApplicationHostConfiguration();
ConfigurationSection ipSecuritySection = config.GetSection("system.webServer/security/ipSecurity", "MyApplication");
ipSecuritySection["allowUnlisted"] = true;
ConfigurationElementCollection ipSecurityCollection = ipSecuritySection.GetCollection();
ConfigurationElement addElement = FindElement(ipSecurityCollection, "add", "ipAddress", @"127.0.0.1", "subnetMask", @"255.255.255.255", "domainName", @"");
if (addElement != null)
{
ipSecurityCollection.Remove(addElement);
}
serverManager.CommitChanges();
}
}
Best Answer
You can set IP restrictions in applicationHost.config in a location tag for your site. If you do that, then it won't cause an appdomain recycle. URL Rewrite at the global level is another option.
Week 12 and week 18 of my video series cover AppDomains and editing apphost.config.
To script it, use appcmd. The best way to do that is to start with Configuration Editor in IIS, make the change you want, then "Generate Script" from the actions pane on the right. The appcmd command will be there.
As for the 2nd question, you'll need to get a handle on your application startup within your project and have that trigger an event. An async call will allow it to start your startup script while allowing the page to continue, otherwise you'll run into a locking issue.