@asontu
Last active February 13, 2021 17:50
Admin page to add/remove IPs in the IIS "IP Address and Domain Restrictions" feature, used for Identity Server IP white-listing. Further reading here: https://asontu.github.io/2020/12/28/admin-panel-to-whitelist-ips-for-identity-server.html
<%@ Page Language="C#" AutoEventWireup="true" Debug="true" %>
<%@ Import Namespace="System.Collections.Generic" %>
<%@ Import Namespace="System.Linq" %>
<%@ Import Namespace="System.Data.Linq" %>
<%@ Import Namespace="Microsoft.Web.Administration" %>
<%@ Import Namespace="Sitecore" %>
<script runat="server" language="c#">
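// Prerequisites for this administration page:
// - IIS must allow Read/Write delegation of the IP Address and Domain Restrictions
//   feature on the Site of Interest
//   (overrideMode="Allow" for system.webServer/security/ipSecurity).
// - The identity this page runs under (the App Pool) must have read/write access to both:
//   - %SystemRoot%\System32\inetsrv\config of the webserver
//   - web.config of the Site of Interest
// Security note: write access to inetsrv\config covers IIS configuration in general, not
// only the IP list, so this page must stay reachable by trusted administrators only.
// Debug="true" in the Page directive is a development setting; turn it off when deploying.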
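// Name of the IIS site whose ipSecurity list this page edits. Replace the placeholder;
// the name is compared with an exact, case-sensitive match.
private const string siteOfInterest = "NAME OF YOUR IIS SITE";

// Backing field for the ServerManager property; created on first use, released in OnUnload.
private ServerManager serverManager;

/// <summary>
/// Returns the ServerManager for this request, creating it on first access so that
/// every read and the final CommitChanges() go through the same instance.
/// </summary>
private ServerManager ServerManager
{
    get
    {
        if (serverManager == null)
        {
            serverManager = new ServerManager();
        }

        return serverManager;
    }
}

/// <summary>
/// Disposes the ServerManager at the end of the page life cycle. ServerManager is
/// IDisposable and was previously never released.
/// </summary>
/// <param name="e">Event data passed through to the base implementation.</param>
protected override void OnUnload(EventArgs e)
{
    try
    {
        base.OnUnload(e);
    }
    finally
    {
        if (serverManager != null)
        {
            serverManager.Dispose();
            serverManager = null;
        }
    }
}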
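/// <summary>
/// Returns the system.webServer/security/ipSecurity collection from the web.config of
/// the site named by siteOfInterest. The lookup is repeated on every access.
/// </summary>
/// <exception cref="InvalidOperationException">
/// No IIS site has the configured name. Without this check the failure would surface as
/// a NullReferenceException that does not say which setting is wrong.
/// </exception>
private Microsoft.Web.Administration.ConfigurationElementCollection IpCollection
{
    get
    {
        var site = ServerManager.Sites.FirstOrDefault(s => s.Name.Equals(siteOfInterest));
        if (site == null)
        {
            throw new InvalidOperationException(
                string.Format("IIS site '{0}' was not found; check siteOfInterest.", siteOfInterest));
        }

        return site
            .GetWebConfiguration()
            .GetSection("system.webServer/security/ipSecurity")
            .GetCollection();
    }
}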
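/// <summary>
/// Runs the authorization check and binds the IP list during page initialization,
/// on every request including postbacks.
/// </summary>
/// <param name="arguments">Event data passed through to the base implementation.</param>
protected override void OnInit(EventArgs arguments)
{
    // Authorize first so that nothing else runs for a caller who is about to be turned away.
    CheckSecurity(true);

    // The override previously skipped the base call, so the page's Init event was never raised.
    base.OnInit(arguments);

    // NOTE(review): presumably bound here so the row buttons exist when postback events
    // are raised - confirm.
    // NOTE(review): the add/remove postbacks change IIS configuration; consider setting
    // ViewStateUserKey at this stage as anti-CSRF hardening - confirm a per-user value
    // is available.
    BindRepeater();
}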
/// <summary>
/// Repeats the authorization check on load and binds the IP list on the initial
/// (non-postback) request.
/// </summary>
/// <param name="sender">Event source; not used.</param>
/// <param name="args">Event data; not used.</param>
public void Page_Load(object sender, EventArgs args)
{
    CheckSecurity(true);

    // On a postback the list is left as it is; the add/remove handlers rebind it themselves.
    if (IsPostBack)
    {
        return;
    }

    BindRepeater();
}
/// <summary>
/// Reads the ipAddress attribute of every ipSecurity entry, sorts the values as strings
/// and binds them to the repeater.
/// </summary>
private void BindRepeater()
{
    var addresses = IpCollection.Select(entry => entry.GetAttributeValue("ipAddress").ToString());
    var sortedAddresses = addresses.OrderBy(address => address);

    rpt.DataSource = sortedAddresses;
    rpt.DataBind();
}
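/// <summary>
/// Removes the ipSecurity entry whose ipAddress equals the command argument, commits the
/// change to IIS and rebinds the list.
/// </summary>
/// <param name="source">Control that raised the command; not used.</param>
/// <param name="commandEventArgs">Carries the IP address to remove in CommandArgument.</param>
private void RemoveValue(object source, CommandEventArgs commandEventArgs)
{
    // "as" instead of a hard cast: a missing or non-string argument is ignored, not a crash.
    var ipToRemove = commandEventArgs.CommandArgument as string;
    if (string.IsNullOrEmpty(ipToRemove))
    {
        return;
    }

    // Ordinal comparison, as before; string.Equals(object) is simply false for a null or
    // non-string attribute value.
    var entry = IpCollection
        .FirstOrDefault(ip => ipToRemove.Equals(ip.GetAttributeValue("ipAddress")));

    // The entry can already be gone (removed in another session, or this handler being
    // reached a second time for the same click, since it is wired to both the Repeater
    // and the LinkButton). Previously that case threw a NullReferenceException.
    if (entry != null)
    {
        entry.Delete();
        ServerManager.CommitChanges();
    }

    BindRepeater();
}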
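/// <summary>
/// Adds the address typed into txtValue to the ipSecurity list as an allowed entry,
/// commits the change to IIS, rebinds the list and clears the text box.
/// </summary>
/// <param name="sender">Control that raised the click; not used.</param>
/// <param name="e">Event data; not used.</param>
private void SaveValue(object sender, EventArgs e)
{
    // Whitespace-only input counts as empty here. The earlier IsNullOrEmpty test let it
    // through to the IIS configuration.
    if (string.IsNullOrWhiteSpace(txtValue.Text))
    {
        return;
    }

    // The regular-expression validator in the markup is only advisory unless its result
    // is checked on the server; the browser-side check can be skipped entirely.
    Validate();
    if (!IsValid)
    {
        return;
    }

    // Second opinion from the framework parser before the value reaches IIS configuration.
    System.Net.IPAddress parsed;
    if (!System.Net.IPAddress.TryParse(txtValue.Text, out parsed))
    {
        // Reuse the validator so the user sees the existing "Invalid IP Address!" message.
        RegularExpressionValidatorIp.IsValid = false;
        return;
    }

    // Resolve the collection once so the element is created in and added to the same instance.
    var ipCollection = IpCollection;
    var newIpElement = ipCollection.CreateElement();
    newIpElement.SetAttributeValue("ipAddress", txtValue.Text);
    newIpElement.SetAttributeValue("allowed", true);
    ipCollection.Add(newIpElement);
    ServerManager.CommitChanges();

    BindRepeater();
    txtValue.Text = string.Empty;
}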
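/// <summary>
/// Lets the request continue only for Sitecore administrators and, when
/// <paramref name="isDeveloperAllowed"/> is true, for users in a developer role.
/// Everyone else is redirected to the site's login page, or refused with HTTP 403 when
/// no login page can be determined.
/// </summary>
/// <param name="isDeveloperAllowed">Whether membership in a developer role is sufficient.</param>
private void CheckSecurity(bool isDeveloperAllowed)
{
    if (Sitecore.Context.User.IsAdministrator || (isDeveloperAllowed && this.IsDeveloper))
    {
        return;
    }

    var site = Sitecore.Context.Site;
    if (site != null && !string.IsNullOrEmpty(site.LoginPage))
    {
        // Redirect(string) ends the response, so the page stops executing here.
        base.Response.Redirect(string.Format("{0}?returnUrl={1}", site.LoginPage, HttpUtility.UrlEncode(base.Request.Url.PathAndQuery)));
    }

    // Fail closed. Previously, when no site context was available, the method simply
    // returned and the unauthorized request went on to the handlers that edit the IIS
    // IP restrictions.
    base.Response.StatusCode = 403;
    base.Response.End();
}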
/// <summary>
/// True when the page's current user is in either of the two Sitecore developer roles.
/// </summary>
private bool IsDeveloper
{
    get
    {
        if (User.IsInRole(@"sitecore\developer"))
        {
            return true;
        }

        return User.IsInRole(@"sitecore\sitecore client developing");
    }
}
</script>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title>Manage white-listed IP's</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="Stylesheet" type="text/css" href="../default.css" />
<link rel="Stylesheet" type="text/css" href="/sitecore/shell/themes/standard/default/WebFramework.css" />
<style type="text/css">
body {
font-size: 16px !important;
background-attachment: fixed;
}
form.wf-container {
width: auto;
max-width: 860px;
}
.wf-content {
padding: 1em !important;
}
h1 {
padding: 1em 0 !important;
}
</style>
</head>
<body>
<form id="form1" runat="server" class="wf-container">
<div class="wf-content">
<h1>Manage white-listed IP's</h1>
<table cellspacing="1" cellpadding="1" border="1">
<tr>
<th>IP address</th>
<th>&nbsp;</th>
</tr>
<%-- Lists the current ipSecurity entries, one row per address, each with a remove button.
     Item is written with the HTML-encoding data-binding form, both as cell text and as
     the button's CommandArgument.
     RemoveValue is wired twice: as the Repeater's OnItemCommand and as the LinkButton's
     OnCommand. NOTE(review): one of the two is probably redundant - confirm the handler
     is not invoked twice per click. --%>
<asp:Repeater runat="server" id="rpt" ItemType="System.String" OnItemCommand="RemoveValue">
<ItemTemplate>
<tr style="<%# Container.ItemIndex % 2 == 1 ? string.Empty : "background-color: #ddd" %>">
<td><%#: Item %></td>
<td style="text-align: center">
<asp:LinkButton ForeColor="Red"
runat="server"
OnCommand="RemoveValue"
CommandArgument="<%#: Item %>"
OnClientClick="return confirm('Remove this IP?')">&#215;</asp:LinkButton>
</td>
</tr>
</ItemTemplate>
</asp:Repeater>
<tr>
<td><asp:TextBox runat="server" id="txtValue" ValidationExpression="" /></td>
<td style="text-align: center">
<asp:LinkButton ForeColor="Green" runat="server" OnClick="SaveValue">Add</asp:LinkButton>
</td>
</tr>
</table>
<%-- Checks txtValue against an IPv4/IPv6 pattern. The browser-side check can be bypassed,
     and the server-side result only takes effect when the postback handler checks
     Page.IsValid before acting on the input. --%>
<asp:RegularExpressionValidator ID="RegularExpressionValidatorIp" runat="server"
ErrorMessage="Invalid IP Address!"
ValidationExpression="^(?!$)(?!.*?::.*?::)(?!.*?::.*?:$)(?!(?:[\da-fA-F]{1,4}(?::|$)){1,7}$)(?!(?:[\da-fA-F]{1,4}:){8})(?!:?(?::[\da-fA-F]{1,4}){8})(?!(?:[\da-fA-F]{1,4}:){7,}(?:\d+(?:\.|$)){4})(?!(?:[\da-fA-F]{1,4}:){6,}:(?:\d+(?:\.|$)){4})(?!(?:[\da-fA-F]{0,4}:){8,}(?:\d+(?:\.|$)){4})(?!(?:[\da-fA-F]{1,4}:){1,5}(?:\d+(?:\.|$)){4})(?:(?:::)?(?:[\da-fA-F]{1,4}(?:::?|$)){0,8})?(?:(?:(?:25[0-5]|2[0-4][0-9]|(?!00)1?[0-9][0-9]?)(?:\.|$)){4})?$"
ControlToValidate="txtValue"></asp:RegularExpressionValidator>
</div>
</form>
</body>
</html>