Skip to content
Mike Evans-Larah By Mike Evans-Larah Software Engineer III
Restrict access to Azure Websites by accept-listing

By utilising the IP and Domain Restrictions feature in IIS (available since IIS7), it is possible to lock down your Azure Website to only allow access to IP addresses and domains that you have specified in an accept-list.

To allow a single IPv4 address, add the following node to your web.config:

To allow access from a domain, you must enable reverse DNS lookup:

Azure Weekly is a summary of the week's top Microsoft Azure news from AI to Availability Zones. Keep on top of all the latest Azure developments!

Be aware though that enabling the reverse DNS lookup will slow down requests and use up more resources, so is not recommended for production sites.

It is also possible to use the IP security configuration to blacklist specific IP addresses/domains by setting the 'allowed' attribute to 'false'. See the documentation for a full list of available options.

The best hour you can spend to refine your own data strategy and leverage the latest capabilities on Azure to accelerate your road map.

Another thing to note is that if you try running the website locally with any of these configurations, you may see the following error:

"This configuration section cannot be used at this path. This happens when the section is locked at a parent level"

If you only require the whitelisting when deployed, then you can get around this by adding the configuration to the web.config.release transformation file instead of the web.config. This way the configuration will not be included when running locally in debug mode, but will automatically be added to the release configuration when deploying to Azure Websites.


Mike Evans-Larah

Software Engineer III

Mike Evans-Larah

Mike is a Software Engineer at endjin with over a decade of experience in solving business problems with technology. He has worked on a wide range of projects for clients across industries such as financial services, recruitment, and retail, with a strong focus on Azure technologies.