Open access dashboards restrict access on IP-number

We have open access dashboards both for internal use(operations), company users and external use. We would like to restrict so that the dashboards only can be accessed from certain subnets or IP-numbers.

Since there is information on the internal that we don’t want the company users and external users to see.

I now that they probably wont be able to find the URL the page but if they somehow do.

Cant see any easy way to do this. IP restriction in IIS wont do in this case as there is not a file that is going to be accessed.

I saw in another thread a tip of a web application proxy. That will be plan B.

I have dropped Squaredup a line for a feature request but maybe someone has a smart solution for this?

1 Like

I’m pretty sure you should be able to use the IP Restrictions here - it might be a case of right clicking the Website or folder to get to the right place though.

If that doesn’t work then you can almost certainly use the URL Rewrite Module. Something like this (not tested):

    <rule name="Block OA" stopprocessing="true">
          <match url="(^openaccess)" ignorecase="true" />
            <add negate="true" pattern="10\.10\.10\.10" input="{REMOTE_ADDR}" />
          <action type="AbortRequest" />

I managed to do it via the rewrite module.
Matched the path to the guid of the open access dashboard and then matched the pattern of the remote address.

Awesome! Didn’t even know this was possible :wink: Nicely done ClarkD