http://mschnlnine.vo.llnwd.net/d1/Dev/App_Themes/C9/images/feedimage.pnghttp://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/Restrict Web Service Access to host onlyhttp://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/en-usFri, 04 May 2007 20:33:23 GMTFri, 04 May 2007 20:33:23 GMTEvNet (EvNet, Version=1.0.3243.35083, Culture=neutral, PublicKeyToken=null)<blockquote> <div>m1keread wrote:</div> <div><blockquote><table><tr><td><img src="http://channel9.msdn.com/Themes/AlmostGlass/images/icon-quote.gif /></td><td><strong>Minh wrote:</strong><i> <blockquote> <table> <tr> <td><img src="http://channel9.msdn.com/Themes/AlmostGlass/images/icon-quote.gif /></td> <td><strong>m1keread wrote:</strong> <i>So if I read you correctly, I can go into IIS Manager and restrict the sites that can call the web service.&nbsp; If this is correct, it is a much more elegant way of doing what I need to do.</i></td></tr></table></blockquote><br />That should work.<br /><br />Also, if I understood you correctly,<br /><br />HttpContext.Current.Request.UserHostAddress<br /><br />should be the IP of the web site, not the client's browser -- because it is the website that is making the web service request to your web service.<br /></i></td></tr></table></blockquote><br /><br />Thanks Minh,<br /><br />What you said is what I understood also, however the IP address being returned was not the IP address of the physical Server hosting the website.&nbsp; I assumed that it was the IP address of my client PC on the internet.&nbsp; The Web server physical machine had a static IP address and yet the above line was returning different addresses at varying times.&nbsp; (I should have done some more research into it, but did not).<br /><br />regards<br /><br />Mike</div> </blockquote> <br />Weird.... Just so I'm clear, you're querying the UserHostAddress from within the Web Service's code &amp; not the Web site's code.<br /><br />As ScanIam said, multiple NIC's could produce a differnt IP address, but it should be consistent, shouldn't it?<br /><br />Well, maybe that's where the Firewall / router plays a role.<br /><br />http://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=308088Fri, 04 May 2007 20:33:23 GMThttp://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=3080880http://channel9.msdn.com/308088/WebViewBug.aspx?EVT=0 m1keread wrote: Minh wrote: m1keread wrote: So if I read you correctly, I can go into IIS Manager and restrict the sites that can call the web service.&nbsp; If this is correct, it is a much more elegant way of doing what I need to do.That should work.Also, if I understood&#8230;Minh0http://channel9.msdn.com/308088/Trackback.aspxIf you have 2 NIC cards or if the request comes through a firewall/NAT you'll get weird IP addresses.http://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=308059Fri, 04 May 2007 18:35:36 GMThttp://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=3080590http://channel9.msdn.com/308059/WebViewBug.aspx?EVT=0If you have 2 NIC cards or if the request comes through a firewall/NAT you'll get weird IP addresses.ScanIAm0http://channel9.msdn.com/308059/Trackback.aspx<blockquote> <div>Minh wrote:</div> <div> <blockquote> <table> <tr> <td><img src="http://channel9.msdn.com/Themes/AlmostGlass/images/icon-quote.gif /></td> <td><strong>m1keread wrote:</strong> <i>So if I read you correctly, I can go into IIS Manager and restrict the sites that can call the web service.&nbsp; If this is correct, it is a much more elegant way of doing what I need to do.</i></td></tr></table></blockquote><br />That should work.<br /><br />Also, if I understood you correctly,<br /><br />HttpContext.Current.Request.UserHostAddress<br /><br />should be the IP of the web site, not the client's browser -- because it is the website that is making the web service request to your web service.<br /></div> </blockquote> <br /> <br />Thanks Minh,<br /><br />What you said is what I understood also, however the IP address being returned was not the IP address of the physical Server hosting the website.&nbsp; I assumed that it was the IP address of my client PC on the internet.&nbsp; The Web server physical machine had a static IP address and yet the above line was returning different addresses at varying times.&nbsp; (I should have done some more research into it, but did not).<br /><br />regards<br /><br />Mikehttp://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=307936Fri, 04 May 2007 09:00:37 GMThttp://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=3079360http://channel9.msdn.com/307936/WebViewBug.aspx?EVT=0 Minh wrote:  m1keread wrote: So if I read you correctly, I can go into IIS Manager and restrict the sites that can call the web service.&nbsp; If this is correct, it is a much more elegant way of doing what I need to do.That should work.Also, if I understood you&#8230;m1keread0http://channel9.msdn.com/307936/Trackback.aspx<blockquote> <div>m1keread wrote:</div> <div>So if I read you correctly, I can go into IIS Manager and restrict the sites that can call the web service.&nbsp; If this is correct, it is a much more elegant way of doing what I need to do.</div> </blockquote> <br />That should work.<br /><br />Also, if I understood you correctly,<br /><br />HttpContext.Current.Request.UserHostAddress<br /><br />should be the IP of the web site, not the client's browser -- because it is the website that is making the web service request to your web service.<br />http://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=307885Thu, 03 May 2007 20:35:37 GMThttp://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=3078850http://channel9.msdn.com/307885/WebViewBug.aspx?EVT=0 m1keread wrote: So if I read you correctly, I can go into IIS Manager and restrict the sites that can call the web service.&nbsp; If this is correct, it is a much more elegant way of doing what I need to do. That should work.Also, if I understood you&#8230;Minh0http://channel9.msdn.com/307885/Trackback.aspx<p>Thanks buddy,</p> <p>&nbsp;</p> <p>The Web Services is a properly defined Web service and lives already in a .asmx file.&nbsp; </p> <p>So if I read you correctly, I can go into IIS Manager and restrict the sites that can call the web service.&nbsp; If this is correct, it is a much more elegant way of doing what I need to do.</p> <p>&nbsp;</p> <p>Thanks</p> <p>&nbsp;</p> <p>Mike</p>http://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=307820Thu, 03 May 2007 14:36:30 GMThttp://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=3078200http://channel9.msdn.com/307820/WebViewBug.aspx?EVT=0Thanks buddy, &nbsp; The Web Services is a properly defined Web service and lives already in a .asmx file.&nbsp; So if I read you correctly, I can go into IIS Manager and restrict the sites that can call the web service.&nbsp; If this is correct, it is a much more elegant way of doing what I&#8230;m1keread0http://channel9.msdn.com/307820/Trackback.aspx<p>Why not move the webMethod into it's own asmx file and set IP restriction on the file via IIS admin tool?</p> <p>&nbsp;</p>http://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=307805Thu, 03 May 2007 12:58:04 GMThttp://channel9.msdn.com/forums/TechOff/254467-Restrict-Web-Service-Access-to-host-only/?CommentID=3078050http://channel9.msdn.com/307805/WebViewBug.aspx?EVT=0Why not move the webMethod into it's own asmx file and set IP restriction on the file via IIS admin tool? &nbsp;PerfectPhase0http://channel9.msdn.com/307805/Trackback.aspx