Securing IIS website
Neurons for ITSM on-premises installation allows installing ITSM modules on multiple machines and this requires securing the infrastructure within and outside the intranet. To ensure secure installation, administrators can define and manage rules that allow or deny access of specific IP addresses, range of IP addresses, or domain name(s) to the modules.
Add access restriction for CentralConfig application
1.Open the Internet Information Services (IIS) of the machine in which the CentralConfig is installed.
2.Select CentralConfig web application.
3.Select the Features View tab and select the IP Address and Domain Restriction option.
4.Alternatively, if IP Address and Domain Restriction is not available,
a. | Open Server Manager by clicking Start > Administrative Tools > Server Manager. |
b. | Select Role-based or Feature-based, then select your server and click Next. |
c. | Click Add Role Services to add the required role. |
d. | From the Select Role Services, navigate to Web Server (IIS) > Web Server > Security. |
e. | Select the IP and Domain Restrictions checkbox and click Next. |
f. | From the Confirm Installation Selections page, click Install to add the IP and Domain Restrictions role services. |
5.Select IP Addresses and Domain Restrictions > Add Allow Entries.
6.Add the IP Addresses you want to allow.
7.Click Edit Feature Setting on the right panel.
8.Ensure the Deny checkbox is selected.
9.Add the IP Address of Central Config Machine.
10.Reset IIS.
Repeat the process to add more IP Addresses if more services are installed on other different machines.