I would like to block (or allow) some ip from site in IIS for a specific URL. Actually I have that rule in my web.config for a rewrite url:
<rule name="FOO_RULE" stopProcessing="true">
<match url="foo/(.*)" ignoreCase="false" />
<action type="Rewrite" url="http://pippo.it/{R:0}" logRewrittenUrl="true" />
</rule>
This rule work properly for all IP caller and this is OK.
Now, I need the same rule with blocking some IP for a specific path. The problem is that path start with "foo/" (example "foo/rest/API/getName") and IIS will work for only FOO_RULE.
I've tryied to:
- Created a new rule for only that path ("foo/rest/API/getName") EXCEPTION_FOO_PATH in the same web.config of my site, with restrict for some IP like that:
<rules>
<rule name="FOO_RULE" stopProcessing="true">
<match url="foo/(.*)" ignoreCase="false" />
<action type="Rewrite" url="http://pippo.it/{R:0}" logRewrittenUrl="true" />
<conditions>
<add input="{REQUEST_URI}" pattern="foo/rest/API/getName" negate="true" />
</conditions>
</rule>
<rule name="EXCEPTION_FOO_PATH">
<match url="foo/rest/API/getName" />
<conditions>
<add input="{REMOTE_ADDR}" pattern="111.222.333.444" negate="true" />
</conditions>
<action type="Rewrite" url="http://pippo.it/{R:0}" logRewrittenUrl="true" />
</rule>
</rules>
and this not working (same if I comment the condition in FOO_RULE);
- Created an application inside main site of IIS with a rule for "foo/rest/API/getName" (generated a new web.config) and added restrict for some IP (from plugin IIS) but, still not working;
The concept is that not destroying the original FOO_RULE
Anyone have any idea? Thank you in advance!
You can reverse the two rules, delete the condition in the "FOO_RULE" and block request in "EXCEPTION_FOO_PATH" (look at logicalgrouping="MatchAny"):
So the first rule apply first: