Restrict page by IP

[Billy Bob]

Working in ASP/VBSCRIPT, I have a snippet that denies access to a page if
the user's IP does not belong to the local network:

<%
Dim RemoteAddr
RemoteAddr = Request.ServerVariables("REMOTE_ADDR")
If instr(RemoteAddr, "192.168.0") Then
Else Response.Redirect ("/Login/entry_denied.asp")
End If
%>

I need to apply this to a ASPX page. Can you help me with the syntax?

 

[David Wier]

Just put this logic at the very first of the Page_Load routine, in your ASPX
page
change Dim RemoteAddr to:
Dim RemoteAddr as String
remove the <% %> tags and you're good to go

 

[Mark Rae]

Working in ASP/VBSCRIPT, I have a snippet that denies access to a page if
the user's IP does not belong to the local network:

<%
Dim RemoteAddr
RemoteAddr = Request.ServerVariables("REMOTE_ADDR")
If instr(RemoteAddr, "192.168.0") Then
Else Response.Redirect ("/Login/entry_denied.asp")
End If
%>

I need to apply this to a ASPX page. Can you help me with the syntax?

private void Page_Load(object sender, System.EventArgs e)
{
if
(!Request.ServerVariables["REMOTE_ADDR"].ToString().StartsWith("192.168.0"))
{
Response.Redirect ("/Login/entry_denied.asp", false);
}
}

 

[Juan T. Llibre]

There's also an extraneous "Else"...

This should cover it, if placed in the Page_Load event :

Dim RemoteAddr as String = Request.ServerVariables("REMOTE_ADDR")
If instr(RemoteAddr, "192.168.0") Then
Response.Redirect ("/Login/entry_denied.asp")
End If

Mark's code is simpler, though.

 

[Billy Bob]

I get the error: Only Content controls are allowed directly in a content
page that contains Content controls.
for the line Dim RemoteAddr as String

I am way out of my comfort zone.... anything else?


Bill

 

[Billy Bob]

My mistake on the original code, should be:

Dim RemoteAddr as String = Request.ServerVariables("REMOTE_ADDR")
If instr(RemoteAddr, "192.168.0") <> 0 Then
Response.Redirect ("/Login/entry_denied.asp")
End If

 

[Juan T. Llibre]

Yup. It *was* "extraneous".



Did you try Mark's code ? That should work.

Since you're using VB.NET, and not C#,
which he used for the sample, here it is in VB.NET :

Private Sub Page_Load(sender As Object, e As System.EventArgs)
If Not Request.ServerVariables("REMOTE_ADDR").ToString().StartsWith("192.168.0") Then
Response.Redirect("/Login/entry_denied.asp", False)
End If
End Sub

Try it...

 

[Mark Rae]

I get the error: Only Content controls are allowed directly in a content
page that contains Content controls.
for the line Dim RemoteAddr as String

1) Are you using MasterPages...?

2) Are you writing your server-side code in-line or in separate code
files...?

 

[John Timney \(MVP\)]

Lots of good sugegstions, if it were me I would create an httpmodule that
checks the IPs in the beginRequest event. That way it applies to all pages
and you dont have to put it anywhere else. Code it once, and use it
whereever

http://www.devx.com/dotnet/Article/6962/0/page/1


Regards

John Timney (MVP)
http://www.johntimney.com
http://www.johntimney.com/blog

 

[Billy Bob]

I get the error: Only Content controls are allowed directly in a content

1) Are you using MasterPages...?

2) Are you writing your server-side code in-line or in separate code
files...?

1) MasterPages, yes.
2) ServerSide code is in a separate file, filename.aspx.cs

Thank you for your time. Apparently I didn't provide enough information with
my first request.

 

[Mark Rae]

1) MasterPages, yes.
2) ServerSide code is in a separate file, filename.aspx.cs

In which case, if you just want the IP restriction to apply to certain
content pages, put the code in the Page_Load event behind the individual
content page(s).

Or, if you want it to apply to all content pages, put it in the MasterPage's
Page_Load event - however, if your entry_denied page is also a content page,
you'll get stuck in a loop...

If you want it to apply to the entire site, follow John's suggestion.

 

[Billy Bob]

Thank you.