Afternoon guys,
I'm working on going through some lockdowns for IIS, I need to add a Deny rule to .NET Authorizations for all anonymous users. I have this, which partially works
Add-WebConfigurationProperty -pspath 'MACHINE/WEBROOT' -filter "system.web/authorization" -name "." -value @{accessType='Deny';users='?'}
? is an alias for All anonymous users
It partially works, as in it creates the rule, but it's set as an Allow Rule even though I'm calling Deny.
Does anyone have any ideas on how to get this to register as a Deny Rule?
I ended up finding the answer in the Related section off to the side. Don't know why this never popped up in my initial googling.
Managing IIS .Net Authorization Rules with a powershell script
My final code is
Add-WebConfigurationProperty -pspath 'MACHINE/WEBROOT' -filter "system.web/authorization" -name "." -value @{users='?'} -Type 'deny'