Search code examples
windowsiis-7iis-6powershell-4.0

Remove Ip From Ip and domain restriction through powershell on iis

How to remove ip and domain restrictions with powershell? I tried many references solution but i still cannot solve its. please help me,

References 1 Remove Ip From Ip and domain restriction through powershell references 2 https://www.titanwolf.org/Network/q/e32d7a33-0bf8-44c4-a162-dda21736d9d2/y

enter image description here

Solution

  • I think you may need to check the existing webconfig file to confirm the result of the modification. File name: ApplicationHost.config Location (IIS7 or higher version): %WinDir%\System32\Inetsrv\Config

    For the command below, I changed the location from your original which will not make any difference.

    Set-WebConfigurationProperty /system.webserver/security/ipsecurity -Name allowUnlisted -Value "true" -Location "IIS:\Sites\default web site"

    According to the given image, you set the value to "true" for the property name "allowUnlisted" in the location "system.webserver/security/ipsecurity", which could be found there. The section would be

    <system.webserver>
 <security>
  <ipSecurity allowUnlisted="true">
  </ipSecurity>
 </security>
</system.webserver>

    Then, if you want to change the last setting, you just need to modify the value to "false". Command:

    Set-WebConfigurationProperty /system.webserver/security/ipsecurity -Name allowUnlisted -Value "false" -Location "IIS:\Sites\default web site"

    The result would be:

    <system.webserver>
     <security>
      <ipSecurity allowUnlisted="false">
      </ipSecurity>
     </security>
    </system.webserver>

    For further usage of the command, you could read below example.

    Command: Add allowed ip

    add-WebConfiguration /system.webserver/security/ipsecurity -Location "iis:\default web site" -Value @{ipaddress="192.168.1.1";allowed="true"} -PSPath IIS:\

    Result:

       <system.webserver>
     <security>
      <ipSecurity allowUnlisted="false">
        <add ipAddress="192.168.1.1" allowed="true" />
      </ipSecurity>
     </security>
    </system.webserver>

    Command: Remove the allowed ip

    Remove-WebConfigurationProperty /system.webServer/security/ipSecurity -location "iis:\default web site" -Name "." -AtElement @{ipAddress="192.168.1.1";allowed="true"}  -PSPath IIS:\

    Result:

       <system.webserver>
     <security>
      <ipSecurity allowUnlisted="false">
      </ipSecurity>
     </security>
    </system.webserver>

    Another way to remove it: Set allow from "true" to "false" Command:

    Set-WebConfigurationProperty /system.webserver/security/ipsecurity -Name "." -AtElement @{ipAddress="192.168.1.1";allowed="true"} -Value @{ipAddress="192.168.1.1";allowed="false"} -Location "IIS:\Sites\default web site"

    Result:

    <system.webserver>
 <security>
  <ipSecurity allowUnlisted="false">
    <add ipAddress="192.168.1.1" allowed="false" />
  </ipSecurity>
 </security>
</system.webserver>

    Hope helps.