Restricting Access by IP Address on the Classic Application Server

Description

Access can be restricted to specific IP addresses for your Alpha Anywhere web applications and web services.

Discussion

The Application Server Control Panel allows you to restrict access by IP address on the Access tab. Access can be restricted by defining either a list of disallowed IP addresses or a list of allowed IP addresses. You must explicitly list each IP address; the Application Server does not support wildcards or ranges in the IP address list. If you require wildcard or range matching, or need to define both a list of denied and a list of allowed IP addresses, you can either use Xbasic to filter access by IP address (see below) or add IP address filtering to your firewall.

It is recommended that all IP address filtering be done using an external firewall. While Alpha Anywhere supports restricting access to specific IP addresses, filtering IP addresses using the Application Server can decrease application performance.

IP Restrictions can be set in the Access settings of the Classic Application Server

To enable IP restrictions, check the Enable box in the IP Restrictions settings on the Access tab. Choose either Allow or Deny for the IP addresses listed in the IP Addresses box; you can only pick one. Enter the IP addresses to allow or deny in the IP Addresses box, then save your changes. You will need to restart the Application Server for the changes to take effect.

Restricting IP Addresses on a per Page Basis

Restricting IP addresses using the Access settings in the Application Server is a server-wide configuration. To block (or allow) specific IP addresses at the page level, you can use Xbasic. Add the Xbasic to the top of your restricted pages to check the IP address, which is in the context.request.remote_addr variable. For example, the Xbasic below, when added to an .a5w page, would only allow access by the specified IP address. Anyone else would be redirected to a different page:

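<%a5
' Redirect any client other than the allowed address, then end the script
' so the rest of the page is not processed.
if context.request.remote_addr <> "1.2.3.4"
    context.response.redirect("/unauthorized.html")
    end
end if
%>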

Using Xbasic to implement IP restrictions can result in decreased application performance. It is recommended you use an external firewall to restrict access to your application by IP address.
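
The page-level check above matches a single address. The following is an added example, not code from the Alpha Anywhere documentation, that extends the same approach to the two cases the Access tab cannot express: an allowed IPv4 range combined with an explicit deny list. The addresses are constructed documentation values (192.0.2.x), the variable names are hypothetical, and the redirect target is the one used above.

```xbasic
<%a5
' Added example: allow one IPv4 range, but deny specific addresses inside it.
' Addresses are constructed sample values; replace them with your own.
dim ip as c
dim deny_list as c
dim range_start as c
dim range_end as c
dim ok as l
dim i as n
dim ip_num as n
dim lo as n
dim hi as n

ip = context.request.remote_addr
deny_list = "192.0.2.15" + crlf() + "192.0.2.77"
range_start = "192.0.2.0"
range_end = "192.0.2.255"

' Convert each dotted-quad address to a number so the range can be compared.
' Anything that is not four dot-separated parts (for example IPv6) is refused.
ip_num = 0
lo = 0
hi = 0
ok = (w_count(ip, ".") = 4)
if ok then
    for i = 1 to 4
        ip_num = ip_num * 256 + val(word(ip, i, "."))
        lo = lo * 256 + val(word(range_start, i, "."))
        hi = hi * 256 + val(word(range_end, i, "."))
    next i
    ok = (ip_num >= lo .and. ip_num <= hi)
end if

' An explicit deny entry overrides the allowed range.
if ok then
    for i = 1 to w_count(deny_list, crlf())
        if word(deny_list, i, crlf()) = ip then
            ok = .f.
        end if
    next i
end if

if .not. ok then
    context.response.redirect("/unauthorized.html")
    end
end if
%>
```

The check fails closed: a client is served the page only if its address parses as IPv4, falls inside the range, and is not on the deny list.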

Restricting Access on IIS and Alpha Cloud

To restrict access by IP address under IIS, you must use Microsoft's IP Address and Domain Restrictions tool or an external firewall. See Restricting Access by IP Address in IIS for more information.

To restrict access by IP address on Alpha Cloud, see Alpha Cloud Alpha Anywhere Developers Guide Managing Applications or Alpha Cloud Alpha Anywhere Developers Guide Managing Deployments for more information.

Limitations

Classic Application Server Only
