asp net core 2.* IpRestrictionModule

Question

asp net core 1.* used to work with IpRestrictionModule, now it doesn't... here are my settings

<system.webServer>
    <!--http://www.henrihietala.fi/limit-access-to-your-azure-web-app-by-ip-address-asp-net-core/-->
    <!--http://www.sasanyeganegi.com/2013/12/how-to-restrict-access-by-ip-in-aspnet.html-->
    <security>

      <!-- this line blocks everybody, except those listed below -->
      <ipSecurity allowUnlisted="true">

        <!-- removes all upstream restrictions -->
        <clear/>

        <!-- allow requests from the local machine -->
        <add ipAddress="127.0.0.1" allowed="true"/>

        <!--allow network 83.116.119.0 to 83.116.119.255-->
        <!--<add ipAddress="83.116.119.0" subnetMask="255.255.255.0" allowed="true"/>-->

        <!-- allow the specific IP of 83.116.19.53  -->
        <add ipAddress="83.116.19.53" allowed="true"/>

        <!--allow network 83.116.0.0 to 83.116.255.255-->
        <!--<add ipAddress="83.116.0.0" subnetMask="255.255.0.0" allowed="true"/>-->

        <!--allow entire /8 network of 83.0.0.0 to 83.255.255.255-->
        <!--<add ipAddress="83.0.0.0" subnetMask="255.0.0.0" allowed="true"/>-->

      </ipSecurity>

    </security>
</system.webServer>

the following is the error :

Detailed Error Information:

Module      IpRestrictionModule
Notification    BeginRequest
Handler     aspNetCore
Error Code  0x80070021
Config Error    This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".

Config File \\?\C:\Users\XXXXXXX\repos\YYYY\ZZZZZ\web.config

Config Source:
   13:       <!-- this line blocks everybody, except those listed below -->
   14:       <ipSecurity allowUnlisted="true">
   15:

did asp.net core 2.* change how IpRestrictionModule is implemented?

i used localhost, might have coursed the issue... doing more tests... — McKabue, Jan 08 '18 at 10:03
https://stackoverflow.com/questions/9794985/iis-this-configuration-section-cannot-be-used-at-this-path-configuration-lock — Md. Tazbir Ur Rahman Bhuiyan, Jan 08 '18 at 10:18
see this also: https://github.com/aspnet/IISIntegration/issues/24 — Md. Tazbir Ur Rahman Bhuiyan, Jan 08 '18 at 10:20

score 0 · Answer 1 · answered Jan 08 '18 at 17:06

my localhost (located in C:/Windows/System32/drivers/etc/hosts ) had

# localhost name resolution is handled within DNS itself.
#   127.0.0.1       localhost
#   ::1             localhost

so http://localhost:3023 picked the last one :: ::1 and its not an IP ADDRESS, so IpRestrictionModule will never be able to resolve it.

asp net core 2.* IpRestrictionModule

1 Answers1