AI OnAI Off

Restrict non-production access to range of IP addresses in DXC

Jason Rodman
Jason Rodman
Vote:
 

I came across this article that discusses this very thing, but I was surprised to see it was a web.config solution using URL rewrite rules.
https://world.episerver.com/digital-experience-cloud-service/dxc-security/restricting-environment-access/

I was hoping for a more robust solution that allows me to use azure or cloudflare to restrict access that can be managed administratively, rather than by a developer in a web.config. Also even if the web.config way is the only option, how can you restrict based on multiple IP ranges? I am guessing I would just need a regex pattern that covers all ranges. Also, it also requires me to put host names in there, which can be added and changed by end users in the CMS as needed. Seems silly to have to publish a web.config change just to add a new host name. I am hoping there is a better way...

#205948
Jul 29, 2019 22:33
Stefan Holm Olsen
Stefan Holm Olsen
Vote:
 

Hi Jason

For this case, you should definitely consider using Cloudflare's IP Firewall feature. It is really cool and even supports more than just allowing/blocking IP ranges (see their options for yourself).

Because you are on DXC, you will have to ask Episerver Support to set up the rules you need on your behalf.

#205957
Jul 30, 2019 9:25
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.