You can authorize access to the content on your Web site in two ways. If your site uses an authentication method that identifies its users, you can set up authorization rules that allow access to some users and deny access to others. If you want to authorize access based on domain names or an IP address space, you can use IP and domain restriction rules to allow access to some domains and deny access to others. You can mix and match these rules to configure an authorization scheme that provides the best level of security for your content.


The Authorization Rules and IPv4 and Domain Restrictions features are not installed by default. If you want to use either of these features, you must first install them.

  Step Reference
Check box

Read an overview of how to set up an authorization strategy.

Overview of IIS Authorization Features

Check box

Install IPv4 and Domain Restriction and Authorization Rules using the Add Role Services Wizard from Server Manager.

Installing IIS

Check box

Use IIS 7 to configure Authorization Rules.

Configure Authorization Rules

Check box

Use IIS 7 to configure IPv4 and Domain Restrictions.

Configure IPv4 Address and Domain Restrictions

See Also