In some environments it may be necessary to restrict access to Archive Shuttle to a small group of users. This article explains how to do that.
With IIS in Windows 2008 R2 or Windows 2012 R2, an additional IIS Feature can be added called ‘URL Authorization’. When that is added, an additional option called ‘Authorization Rules’ is visible in IIS on when viewing the Archive Shuttle application:
That option allows groups to be added to, and removed from, the permissions to the virtual directory. In order secure the application remove the default entry allowing all users.
Instead add a group or a list of users that should have access.
The changes take effect the next time someone tries to access the site. Accessing the site via LocalHost will work from the Archive Shuttle Core server, regardless of the list of authorization rules.
Note: This change should be performed on the Archive Shuttle Virtual Directory only. Other virtual directories should remain untouched.