Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

App Control: Checking for IP and Domain Restrictions

App Control: Checking for IP and Domain Restrictions

Environment

  • App Control Server: 8.0 and Higher
  • Microsoft Internet Information Services (IIS): 6.0 and Higher
 

Symptoms

  • When limiting specific IP addresses to access the console, API communication can break on some pages
  • Errors displayed in the site show:
    HTTP Error 403.503 - Forbidden
    You do not have permission to view this directory or page.

Cause

  • Missing IPv6
  • DNS routing

Resolution

  1. Open up the IIS Management Console
  2. Navigate to the Server Name and open up IP Address and Domain Restrictions
  3. Confirm if any restrictions are added, If there are entries then skip to step 4
    1. If this is empty
    2. click Edit Feature Settings
    3. Confirm "Access for unspecified clients" is set to Allow, then skip to step 6
  4. If there are any allowed entries, add the loopback and IPv6 (Link-local IPv6 Address found with ipconfig /all)
    IIS IP and Domain Restrictions
  5. Confirm the Applications servers FQDN is resolved by DNS to the IP address entered
  6. Restart IIS Services

 


Additional Notes

  • Both the Server Name and Parity Console Web section can have their own IP Address and Domain Restrictions
  • Most commonly seen with SoftwareRules.php and Files.php pages

Related Content


Labels (1)
Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎11-30-2018
Views:
2467
Contributors