StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POalternate ways of restricting asp.net website (other than by IP & password)
primarykey
Id
20684225
data
AcceptedAnswerId
0
AnswerCount
1
ClosedDate
CommentCount
5
CommunityOwnedDate
CreationDate
2013-12-19T14:27:07.643
FavoriteCount
1
LastActivityDate
2013-12-20T19:40:01.903
LastEditDate
2013-12-20T19:40:01.903
LastEditorUserId
27497
OwnerUserId
27497
ParentId
0
PostTypeId
1
Score
1
ViewCount
230
LastEditorDisplayName
text
Body
I am currently IP restricting several asp.net websites using rewrite rules in my web.config that match our office IP range. <pre><code><system.webServer> <rewrite> <rules> <rule name="Block IP" stopProcessing="true"> <match url="^403.html$" negate="true"/> <conditions> <add input="{HTTP_X_CLUSTER_CLIENT_IP}" pattern="{MY OFFICE IP RANGE}" negate="true"/> </conditions> <action type="Redirect" url="403.html" redirectType="SeeOther"/> </rule> </rules> </rewrite> </code></pre> The sites also require a username and password in order to view anything. But I'd like to have a second layer of protection like an ip block that prevents malicious activity. Since I often have people outside of our office that need to access the site, I can't always keep the IP block in place. What are some alternate ways of restricting access to asp.net websites that will work in a standard shared hosting environment? (something like VPN isn't an option since my webhost doesn't provide anything like that). Edit: It has been brought to my attention that you can also configure the ip filtering using the native features of IIS rather than rewrite rules. Here is an example: <pre><code><security> <ipSecurity allowUnlisted="true">  <clear/>  <add ipAddress="83.116.19.53"/>  <add ipAddress="83.116.119.0" subnetMask="255.255.255.0"/>  <add ipAddress="83.116.0.0" subnetMask="255.255.0.0"/>  <add ipAddress="83.0.0.0" subnetMask="255.0.0.0"/>  </ipSecurity> </security> </code></pre> Edit: To clarify what I'm asking for - I'm looking for OTHER ways to restrict access to a site. My ip filtering works fine. However it isn't ideal since my users sometimes access from ip addresses not on the list. 
Tags
<asp.net><security>
Title
alternate ways of restricting asp.net website (other than by IP & password)
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. USRafe
UserOwnerUserId
1. USRafe
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.