Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Rohan 105 posts 162 karma points
    Feb 14, 2015 @ 09:41
    Rohan
    0

    how to restrict Umbraco backoffice access from external users

    Hi

    I am working on one website build on Umbraco 7.1.6

    Now i need to published the website. So user can access it.

    Now the main concerns is that I don't want external user to bee able to access Umbraco backoffice through URL like below

    www.<mydomain>.com/Umbraco/

    I know i can restrict the IP in IIS for specific IP addess. But it's causing the issue in my website.

    In my website i have used AJAX call on some methods with ANTI FORGERY stuff. So restrict the IP in IIS , stop the functionality on my website where i have used AJAX call.

    Is ther any other way i can prevent external user to browser Umbraco back office ?

    Your help would be really appreciated !

    Thanks in advance !

    Rohan Dave

  • Tobias Klika 101 posts 570 karma points c-trib
    Feb 14, 2015 @ 10:36
    Tobias Klika
    0

    Hi!

    I don't think the issue is that you are using "anti forgery stuff"?
    Which URL do you need to be accessible? As you say AJAX I assume you call SurfaceControllers?

    If this is the case you could try the following:
    Use the URL Rewrite module in IIS and create a new rule, which only allows access from your specified IPs to the URL /umbraco. Exactly this URL, and not an URL that starts with umbraco. All URIs in the backend are hashes, which don't get send to the server.

  • Rohan 105 posts 162 karma points
    Feb 16, 2015 @ 07:59
    Rohan
    0

    Hi Tobias

    Thanks for your guidance here.

    Yes i am usign SurfaceController.

    Can you please share any link to implement URL rewrite in IIS and creating rule etc ?

    Thanks,

    Rohan Dave

     

  • Tobias Klika 101 posts 570 karma points c-trib
    Feb 16, 2015 @ 11:39
    Tobias Klika
    1

    Please take a look at this short video on how to implement it.

  • Tony Groome 261 posts 804 karma points
    Feb 16, 2015 @ 12:32
    Tony Groome
    0

    Hi Tobias

    Thanks for the link. It's just what I needed. :)

    Tony

  • Ismail Mayat 4511 posts 10091 karma points MVP 2x admin c-trib
    Mar 20, 2015 @ 11:07
    Ismail Mayat
    0

    Guys,

    I am trying https://our.umbraco.org/forum/getting-started/installing-umbraco/63352-Restrict-access-to-Umbraco but only my first url works any ideas? 

    Cheers

    Ismail

Please Sign in or register to post replies

Write your reply to:

Draft