At one of my clients we wanted to prevent that test clients could call our production services. Thanks to the fact that we are using WCF services hosted in IIS, this could easily be accomplished.
- Open the IIS Manager(InetMgr).
- Select the website where you want to apply the IP restrictions, right-click and select Properties.
- Go to the Directory Security Tab.
- Click on the Edit button in the IP address and domain name restrictions groupbox.
- Change the default configuration to Denied access.
- Afterwards clickon on Add… to configure the range of IP addresses who connect to this website.
- Complete the correct subnet mask. Click 3 x Ok, and the changes are applied.