URL Authorization in IIS is a security mechanism that determines whether a user or group can access specific URLs or resources on a web application, based on predefined rules. The admin can define these rules. Consider a gatekeeper of an Apartment, how he checks the identity of every visitor entering the apartment, and decides whether to allow them or not depending on the apartment association rules, the same way, URL Authorization uses information like usernames or roles to enforce predefined rules ensuring that only authorized users can view the sensitive pages or files of a web application. This article will navigate the steps of How to Enable URL Authorization forInternet Information Services on Windows 11 using simple yet clear steps. Check out: Enable Basic Authentication for IIS on Windows 11.
Key Steps:
- To Enable this feature on Windows 11, we will use Windows Features.
- To access Windows Features, open Run and execute the following command.
appwiz.cpl
- On the Programs and Features window, click on Turn Windows Features on or off from the left pane.
- Windows Features dialog will open now. Locate Internet Information Services and expand the tree.
- Then, expand World Wide Web Services.
- Finally, expand Security.
- Now, you can find URL Authorization. Click on the checkbox to enable it. Click OK.
Directions to reach URL Authorization in IIS on Windows 11
Directions to URL Authorization for IIS on Windows 11
- You can either use the Start menu or the keyboard combination Win Key + R to open the Run command.
- Once you are on the Run command, execute the following command
appwiz.cpl
and click OK. This command will open the Programs and Features window.
Open Programs and Features using appwiz.cpl
- When the Programs and Features window opens, click on the Turn Windows Features on or off option from the left pane.
Turn Windows Features on or off
- This action will open the Windows Features dialog. Here, you can find all the available optional features. Most of these features are essential for developers and IT Professionals.
- Go to Internet Information Services from the list of services available and expand it.
- Now, you will find FTP Server, Web Management Tools, and World Wide Web Services. Expand the World Wide Web Services.
Expand World Wide Web Services
- You will find various optional features such as Application Development Features, Common HTTP Features, Security, etc. Expand the Security tree.
- Under Security , you can find options like Basic Authentication, IP Security, and more. Our interest is URL Authorization , click on the checkbox next to it to enable it, and click OK.
Enable URL Authorization for IIS on Windows 11
- Windows will search for the required files.
Windows Searching for the required files
- The system will apply the necessary changes.
- Finally, Windows will complete the requested changes. Click Close to close the window. We highly recommend doing the restart right away so that the changes made will be reflected in the system.
Windows has completed the changes
- That is it. URL Authorization in IIS is now enabled in your Windows 11.
URL Authorization for IIS Feature availability on various Windows Editions
This section provides information on the availability of this feature on different Windows Editions.
| Windows Editions | Availability
| Windows 11 Home - Yes
| Windows 11 Professional - Yes
| Windows 11 Education - Yes
| Windows 11 Enterprise - Yes
| Windows 11 Pro Education - Yes
| Windows 11 SE - No
| Windows 11 IoT Enterprise - Yes
Key Features of URL Authorization
URL Authorization Key Features
The key features of URL Authorization in IIS include access control based on users or roles, seamless integration with authentication methods like Windows Authentication, Forms Authentication , and Digest Authentication, and the ability to define rules at the server, site, or file level. Admins can define these rules on the web.config
file. This feature provides flexible management and integrates with Active Directory for enterprise user and role management.
Sample Code for incorporating URL Authorization on web.config file
(configuration)(system.web)(authorization)(allow roles="Admins" /)(deny users="*" /)(/authorization)(/system.web)(/configuration)
In this above block, the code grants access only to users in the “Admins” role while blocking all others.
NOTE
In the above example, we have used () paranthesis to avoid conflicting with the HTML code <> paranthesis.
Take away
URL Authorization for IIS on Windows 11 provides an effective way to control who can access specific resources on your web application. By configuring simple rules based on user roles or groups, you can easily secure sensitive content. If you have any queries, do let us know in the comment section. For more interesting articles, stay tuned to Winsides.com. Happy Coding! Peace out!
Top comments (0)