Post

Jexus Series: IP and Domain Restrictions

This post talks about Jexus IP and Domain Restrictions.

Posted
By Lex Li
1 min read
Jexus Series: IP and Domain Restrictions

Jexus does not yet support dynamic IP restriction as IIS 7+ do, but its IP address restriction support is feature complete.

For more information on Jexus/IIS comparison you can go to this article.

To configure IIS IP and Domain Restrictions, you need to follow this article.

It is very easy to translate the steps to Jexus.

Scenario 1

When we specify <ipSecurity allowUnlisted="true" /> on IIS and add deny entries

  • 192.168.100.1
  • 169.254.0.0 with subnet mask 255.255.0.0

Then in Jexus configuration we should use

1

denyfrom=192.168.100.1,169.254.0.0/16

Note that Jexus supports several ways of IP range, such as

  1. 169.254.0.0–169.254.255.255 (IP start to end)
  2. 169.254.0.0/16 (with prefix size)
  3. 169.254.. (with wildcard)

Scenario 2

When we specify <ipSecurity allowUnlisted="false" /> on IIS and add allow entries

  • 192.168.100.1
  • 169.254.0.0 with subnet mask 255.255.0.0

Then in Jexus configuration we should use

1

allowfrom=192.168.100.1,169.254.0.0/16

Scenario 3

If in Jexus settings we have

1
2

allowfrom=192.168.100.1,169.254.0.0/16
denyfrom=192.168.100.1

Then the effective IP range becomes 169.254.0.0/16 only.

iis jexus-manager
© Lex Li. All rights reserved. The code included is licensed under CC BY 4.0 unless otherwise noted.
Advertisement