Can I whitelist IP's using IIS running a PHP site?

Question

As outlined by this guys post, blocking IP's via PHP is pretty easy.

However, how can I do this, site wide, using IIS?

Here are my (big) caveats:

1. I do not have access to change the php.ini. So I can't use auto_prepend feature.
2. I am on Windows with IIS so I can't use .htaccess.
3. I don't have any PHP "footer" which gets called on all of the scripts. In fact, a lot of the pages are static HTML!

Is there any way I can use IIS to whitelist IP's?

The good news is that I have a static list of IP's to whitelist, so I wont need to easily change them.

Answer 1

You can whitelist IP addresses in IIS, which should give you the results you want.

• In IIS 6.0, right-click your website and choose properties.
• Go To the Directory Security tab.
• Click Edit for "IP addresses and domain name restrictions"
• Click the "Denied access" radio button.
• Enter any IP-addresses that you want allowed.