I have a website setup in IIS 7.5 which has bindings to two domains names, for example:
- www.examplesite.com
- www.anothersite.com
Which means someone visiting to either address in their browser would see exactly the same site.
What I want to achieve is to deny requests to /admin for people visiting www.examplesite.com/admin - but for requests to www.anothersite.com/admin to go through.
However when using the request filtering features in IIS, it only seems possible to apply the filtering to the URL excluding the domain name. Meaning that /admin would be denied for both domains.
Is this possible? If not through IIS 7.5 request filters, then what's the easiest alternative?
For an IIS solution you should consider the URL Rewrite extension for IIS.
http://www.iis.net/downloads/microsoft/url-rewrite
I've been using it in our server farm to rewrite website URLs and have found it is very powerful.
Here is a similar example of what you are trying to achieve, in your case you could apply a Regex or Wildcard filter to the Raw URL instead of the Host header:
http://www.iis.net/learn/extensions/url-rewrite-module/request-blocking-rule-template
When you say deny requests, it depends on what you want the user experience to be. It could be an Abort Request, Custom Response (403), Redirect etc etc.