IIS Limit access to file + Basic Authentication

0
votes

I have a simple internal site using IIS 8.5 Basic Authentication. In one specific html file I want to restrict even further to some users/roles.

UPDATE: This is my Web.config, I can still access the inhouse.html file in a browser with my Windows (LDAP) account. I want to block all users to access this. Then to only allow a few users.

<?xml version="1.0"?>
<configuration>

<system.web>
  <compilation debug="true" targetFramework="4.6" />
  <httpRuntime targetFramework="4.6" />
  <authentication mode="Windows" />
</system.web>

<location path="inhouse.html">
   <system.web>
       <authorization>
          <remove users="*" roles="" verbs="" />

       </authorization>
   </system.web>
</location>

</configuration>
1
securityiisweb-configiis-8.5

1 Answers

0
votes

Try this:

<location path="inhouse.html">
   <system.web>
       <authorization>
          <remove users="*" roles="" verbs="" />
          --add the users you want here.
       </authorization>
   </system.web>
</location>

It depends on the rest of your web.config as to whether system.webserver or system.web applies.