Allow or Deny Remote Connections from Unspecified Clients (IIS 7)

Applies To: Windows Server 2008, Windows Server 2008 R2

By default, IISĀ 7 allows computers that use any IPv4 address to access a remote server by using IIS Manager for management purposes. For increased security, you can deny all connections to the management service except those that come from a specific set of IPv4 addresses.

Note

Only server administrators who are using IIS Manager on the local computer can configure the management service.

Prerequisites

For information about the levels at which you can perform this procedure, and the modules, handlers, and permissions that are required to perform this procedure, see Management Service Feature Requirements (IIS 7).

Exceptions to feature requirements

  • None

To allow or deny remote connections from unspecified clients

  1. Open IIS Manager. For information about opening IIS Manager, see Open IIS Manager (IIS 7).

  2. In the Connections pane, click the server node in the tree.

  3. In Features View, double-click Management Service.

  4. On the Management Service page, in the Actions pane, click Stop to stop the management service.

  5. Select the Enable remote connections box.

  6. Under IPv4 Address Restrictions, select one of the following values from the Access for unspecified clients list:

    • Allow: Select this value when you want to accept remote connections from clients that do not match a deny restriction in the IPv4 Address Restriction list for the management service.

    • Deny: Select this value when you want to deny remote connections from all clients that do not match an allow restriction in the IPv4 Address Restriction list for the management service.

  7. In the Actions pane, click Apply and then click Start.

See Also

Concepts

Configuring Remote Management (IIS 7)