I need umbraco completely blocked from the public for
a client, e.g. cant access the login page, but still accessible on their
internal network.
I’ve managed to get it running on server 2008/IIS7 but my solution is not ideal so anyone got a better way to do this?
I have 2 websites pointing to the same file set
one of which will
have a bogus host header which they can manage internally so only they can
access it on their private network, this one will need umbraco working.
That blocked website can run under it’s own application pool using ‘ApplicationPoolIdentity’.
The second ‘public’ site runs under ‘network service’
I then use file
permissions to deny access to the umbraco folder altogether for that network service user.
There are
a few side-effects but generally I get the desired result
I’m absolutely sure though that I am missing a simple
solution..
Request filtering in IIS would allow this to happen except I can't figure out how to make that unique to the host header or website. - Is it possible in .net to simply write a custom request filter?
I also thought of having 2 complete sites pointing to the same database but that causes more headaches with media and xml cache files.
Restricting umbraco access from a public network
I need umbraco completely blocked from the public for a client, e.g. cant access the login page, but still accessible on their internal network.
I’ve managed to get it running on server 2008/IIS7 but my solution is not ideal so anyone got a better way to do this?
I’m absolutely sure though that I am missing a simple solution..
Request filtering in IIS would allow this to happen except I can't figure out how to make that unique to the host header or website. - Is it possible in .net to simply write a custom request filter?
I also thought of having 2 complete sites pointing to the same database but that causes more headaches with media and xml cache files.
is working on a reply...