Hi,
I would like advice on the best way to restrict access to a weba pplication (using .net 2.0 and II6) based on the clients IP address. The two ways I am considering:
1) Through the server side code - check the client I.P against a list of IP addresses within the web.config.
2) Through IIS by creating a virtual directory and restricting the I.P addresses on this virtual directory.
My question is if I go the virtual directory route there are a lot of users that access this website and I have read reverse domain lookups made during each client request can be very expensive on server resources. How much of a risj is this?
Any other suggestions /ideas to doing this would be much appreciated
Thanks advance,