This article is to inform how to restrict specific IP's coming in via URL rewrite for x-forwarded-for or x-ms-forwarded-client-ip.
- First, go to the realm that you would like to restrict IP access to (if it's global, then do it on the top level). Then double click on URL Rewrite. If you do not have it, please install it via Microsoft official website (this requires a reboot).
- Once here, right click to Add Rule.
- Then select Request Blocking and fill out the following.
- Once you're done with the rule, double click on the rule to edit the REMOTE ADDRESS.
- From here, please change REMOTE_ADDR to HTTP_X_MS_FORWARDED_CLIENT_IP in order to use this parameter to block the incoming IPs.
- This should require no IIS reset; and you're done! Happy restricting. :)