Ask the Expert

Is it possible to password protect a Web server remotely?

We have a Windows 2000 Server running IIS 5 on a university campus. I would like to know if it is possible to password protect the Web server if accessed from outside the campus. Also, can we allow 'no password' access from within the campus? We achieved this with our Linux Web server which runs Apache, but we still need a Windows Web server as well.

    Requires Free Membership to View

This is a bit tricky, but I think it will work. First, configure your IIS server with two IP addresses: one for the internal Web site, and one for the external Web site.

Second, modify the Web server's record on your internal DNS server so that it resolves to the Web site's internal IP address. The Web server's public DNS record should still resolve to the Web site's external IP address.

Third, create a second Web site within IIS and configure it exactly the same as the current Web site except for one key difference: it listens for requests on the external IP address only. To modify this setting, launch Internet Services Manager, view the external Web site's properties, and then click the Web Site tab. Click the Advanced button, click the Add button, and specify the external IP address. Click OK to return to the Web Site Properties dialog, and then click the Directory Security tab. Click the Edit button in the "Anonymous Access And Authentication Control" grouping, and clear the Anonymous Access checkbox. Now you have one Web site that requires authentication.

Finally, view the properties of the original (now the internal) Web site. Click the Directory Security tab, and then click the Edit button in the "IP Address And Domain Name Restrictions" grouping. Select the Denied Access radio button. Then, click the Add button. On the Deny Access On dialog, select Group Of Computers, and specify the Network ID and Subnet Mask of a subnet on your campus that you do not want to require authentication for. Repeat this process until every network address has been added.

That should do it. Good luck. If you have development skills, you could create an ISAPI filter or an ASP.NET application to handle this, but I prefer solutions that don't involve writing code.

This was first published in March 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: