JabbaTheNut
Programmer
I want to restrict access to a subdirectory based on the port over which the request came. For example, if the request comes over port 80, it would be denied. If it comes in over port 8080, it would be allowed.
I know this sounds strange, but here is why I want to do this. I am using an SSL offloader to offload SSL transactions. The way it works is as follows...
1. Request comes in on port 443 (SSL) to the SSL offloader.
2. The request is decrypted by the offloader and forwarded to the web server in clear text format over a chosen port (i.e. 8080).
3. The web server serves up the request which is then encrypted by the offloader and sent to the client.
In the above scenario, the web server does not know the request is SSL. It only knows it is coming in over port 8080.
Most of my content does not require SSL and accepts requests over port 80.
I have one subdirectory that requires secure transactions. If I set my website in IIS to accept both ports 80 and 8080, and restrict my secure subdirectory to accept only those requests coming in over 8080, then I will be in business. Please note: the offloader will block all outside requests over port 8080. Consequently, all port 8080 requests received by the web server will only come from the offloader (indicates the transaction must be SSL).
Can I use the web.config file to restrict access to a subdirectory based on the port over which a request comes? If so, what is an example entry?
Thanks
Game Over, Man!
I know this sounds strange, but here is why I want to do this. I am using an SSL offloader to offload SSL transactions. The way it works is as follows...
1. Request comes in on port 443 (SSL) to the SSL offloader.
2. The request is decrypted by the offloader and forwarded to the web server in clear text format over a chosen port (i.e. 8080).
3. The web server serves up the request which is then encrypted by the offloader and sent to the client.
In the above scenario, the web server does not know the request is SSL. It only knows it is coming in over port 8080.
Most of my content does not require SSL and accepts requests over port 80.
I have one subdirectory that requires secure transactions. If I set my website in IIS to accept both ports 80 and 8080, and restrict my secure subdirectory to accept only those requests coming in over 8080, then I will be in business. Please note: the offloader will block all outside requests over port 8080. Consequently, all port 8080 requests received by the web server will only come from the offloader (indicates the transaction must be SSL).
Can I use the web.config file to restrict access to a subdirectory based on the port over which a request comes? If so, what is an example entry?
Thanks
Game Over, Man!