|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
HTTP Error 403.6 - Forbidden: IP address of the client has been reI have a client running Windows 2003 Small Business Server. They have installed an app that runs under the default web site. When I am on the server or on the LAN and type in the URL: https://servername/bigtime the application comes up perfectly. However, when I try to do the same thing from the Internet using the Internet https://FQDN/bigtime I receive the following error message: HTTP Error 403.6 - Forbidden: IP address of the client has been rejected How can I change the security on the default web site so that any IP address is accepted? So far I have unchecked the box for integrated windows authentication, but, the Enable anonymous access box is still checked for the default web directory. Please advise. under security, hit the ip addresses button, allow all access
Show quoteHide quote "Richard Young" <RichardYo***@discussions.microsoft.com> wrote in message news:084C3ADC-24AD-46A5-8599-07CD351416A8@microsoft.com... > Hello, > I have a client running Windows 2003 Small Business Server. They have > installed an app that runs under the default web site. > > When I am on the server or on the LAN and type in the URL: > https://servername/bigtime > the application comes up perfectly. > > However, when I try to do the same thing from the Internet using the > Internet https://FQDN/bigtime I receive the following error message: > HTTP Error 403.6 - Forbidden: IP address of the client has been rejected > > How can I change the security on the default web site so that any IP > address > is accepted? > > So far I have unchecked the box for integrated windows authentication, > but, > the Enable anonymous access box is still checked for the default web > directory. > > Please advise. > -- > __________________________ > Richard Young, SBSC, CNE > http://www.relyonit.com > Thanks for the reply. Yes, I had set the IP address to any on the site and
that has worked. By doing this what security holes have I created? We have port 80 closed on our firewall so all of this traffic will be over https. Show quoteHide quote "Consultant" wrote: > under security, hit the ip addresses button, allow all access > > "Richard Young" <RichardYo***@discussions.microsoft.com> wrote in message > news:084C3ADC-24AD-46A5-8599-07CD351416A8@microsoft.com... > > Hello, > > I have a client running Windows 2003 Small Business Server. They have > > installed an app that runs under the default web site. > > > > When I am on the server or on the LAN and type in the URL: > > https://servername/bigtime > > the application comes up perfectly. > > > > However, when I try to do the same thing from the Internet using the > > Internet https://FQDN/bigtime I receive the following error message: > > HTTP Error 403.6 - Forbidden: IP address of the client has been rejected > > > > How can I change the security on the default web site so that any IP > > address > > is accepted? > > > > So far I have unchecked the box for integrated windows authentication, > > but, > > the Enable anonymous access box is still checked for the default web > > directory. > > > > Please advise. > > -- > > __________________________ > > Richard Young, SBSC, CNE > > http://www.relyonit.com > > > > > well, this allows any ip address from the internet to access your server
over https. follow best practices for securing your server and maintaining patches and you'll be ok Show quoteHide quote "Richard Young" <RichardYo***@discussions.microsoft.com> wrote in message news:616536BB-6716-4A9C-B499-BB0BAB4737B9@microsoft.com... > Thanks for the reply. Yes, I had set the IP address to any on the site > and > that has worked. By doing this what security holes have I created? We > have > port 80 closed on our firewall so all of this traffic will be over https. > > -- > __________________________ > Richard Young, SBSC, CNE > http://www.relyonit.com > > > > "Consultant" wrote: > >> under security, hit the ip addresses button, allow all access >> >> "Richard Young" <RichardYo***@discussions.microsoft.com> wrote in message >> news:084C3ADC-24AD-46A5-8599-07CD351416A8@microsoft.com... >> > Hello, >> > I have a client running Windows 2003 Small Business Server. They have >> > installed an app that runs under the default web site. >> > >> > When I am on the server or on the LAN and type in the URL: >> > https://servername/bigtime >> > the application comes up perfectly. >> > >> > However, when I try to do the same thing from the Internet using the >> > Internet https://FQDN/bigtime I receive the following error message: >> > HTTP Error 403.6 - Forbidden: IP address of the client has been >> > rejected >> > >> > How can I change the security on the default web site so that any IP >> > address >> > is accepted? >> > >> > So far I have unchecked the box for integrated windows authentication, >> > but, >> > the Enable anonymous access box is still checked for the default web >> > directory. >> > >> > Please advise. >> > -- >> > __________________________ >> > Richard Young, SBSC, CNE >> > http://www.relyonit.com >> > >> >> >> 
Other interesting topics
Application Pool domain credentials
integrated authentication securing multiple websites using wildcard certificate - one IIS 6.0 server One Domain with 2 websites and 2 SSL Certs handling files on another server within same workgroyp !!?? How can digitally signed executable be "secure" ? Wildcard Domain Restriction No access after requiring SSL HELP --- FTP IIS Certificate Authority guidance requested |
|||||||||||||||||||||||
