# Enable IP Filtering Feature in IIS using PowerShell
Install-WindowsFeature Web-IP-Security
Restart-Service W3SVC
# Optional: Run IIS Manager GUI
# $env:windir\system32\inetsrv\InetMgr.exe
# Select the default website
$defaultWebsite=get-website|?{$_.id -eq 1}
$physicalPath=$defaultWebsite.PhysicalPath
$subSite=''
$entryPoint=$physicalPath+$subSite
# Show files
$siteFiles=gci $physicalPath
$siteFiles|write-host
$index=$siteFiles|?{$_.Name -match '^(default|index)\.\w+$'}
write-host "Index file is: $($index.FullName)"
# Deny All
Set-WebConfigurationProperty -Filter '/system.webServer/security/ipSecurity' -Location "$entryPoint" -Name allowUnlisted -Value False
# Deny from a specific IP or network
$ipAddress='192.168.20.0'
$subnetMask=24
$allowed='false'
Add-WebConfiguration -Filter '/system.webServer/security/ipSecurity' -Location "$entryPoint" -Value @{ipAddress="$ipAddress";subnetMask="$subnetMask";allowed="$allowed"}
# Allow traffic from a specific IP or network
$ipAddress='192.168.20.0'
$subnetMask=24
$allowed='true'
Add-WebConfiguration -Filter '/system.webServer/security/ipSecurity' -Location "$entryPoint" -Value @{ipAddress="$ipAddress";subnetMask="$subnetMask";allowed="$allowed"}
# Restart
Restart-WebItem -PSPath "IIS:\Sites\$entryPoint"
Categories:
