kcheick on Wed, 01 Jun 2016 23:44:13

Our deployment contains two websites, a public and a private one. We would like to restrict the access to the private website to the ip address of the public website. 
For that we need to update the IpSecurity section of the web.config file by setting the list of outbound addresses of the public website. We are currently investigating the ways to do it at deployment time and so far it looks like only an ftp connection to the webserver would work but will require opening and insecure connection to the webserver and we would like to avoid that. 

Is this possible with a azure resrouce template or is there any other/better solution to achieve this


AshokPeddakotla-MSFT on Thu, 02 Jun 2016 14:30:42



Thank you for posting here!

As you specified adding the IP Security rule is best practice. Check the SO thread for steps.

You may try setting up DIP restriction and check the web.config file transformations to automate the process.

Hope this helps.