VBScript使用ADSI為IIS批量添加屏蔽或允許訪(fǎng)問(wèn)的IP

    用ADSI+ASP添加IP到IIS禁止訪(fǎng)問(wèn)列表中
    代碼如下:
    '/*=========================================================================
    ' * Intro VBScript使用ADSI為IIS批量添加屏蔽或允許訪(fǎng)問(wèn)的IP
    ' * FileName VBScript-ADSI-IIS-Add-Deny-Grant-IP-Change-MetaBase.xml.vbs
    ' *==========================================================================*/
    'AddDenyIP2All "192.168.1.106,255.255.255.0"
    'AddDenyIP2All "127.0.0.1"
    'AddDenyIP "123456","127.0.0.1"
    '添加要屏蔽的IP或一組計(jì)算機(jī)，到一個(gè)指定站點(diǎn)上
    Sub AddDenyIP(strWebNo, strDenyIp)
    On Error Resume Next
    Set SecObj = GetObject("IIS://LocalHost/W3SVC/" & strWebNo & "/Root")
    Set MyIPSec = SecObj.IPSecurity
    MyIPSec.GrantByDefault = True
    IPList = MyIPSec.IPDeny
    i = UBound(IPList) + 1
    ReDim Preserve IPList(i)
    IPList(i) = strDenyIp
    MyIPSec.IPDeny = IPList
    SecObj.IPSecurity = MyIPSec
    SecObj.Setinfo
    End Sub
    '添加要屏蔽的IP或一組計(jì)算機(jī)，到IIS公共配置，以應(yīng)用到所有站點(diǎn)
    '如果之前對(duì)有些站點(diǎn)單獨(dú)做過(guò)屏蔽IP設(shè)置，在些設(shè)置不會(huì)生效，得在總的網(wǎng)站上設(shè)置一下，然后覆蓋所有子結(jié)點(diǎn)
    Sub AddDenyIP2All(strDenyIp)
    On Error Resume Next
    Set SecObj = GetObject("IIS://LocalHost/W3SVC")
    Set MyIPSec = SecObj.IPSecurity
    MyIPSec.GrantByDefault = True
    IPList = MyIPSec.IPDeny
    i = UBound(IPList) + 1
    ReDim Preserve IPList(i)
    IPList(i) = strDenyIp
    MyIPSec.IPDeny = IPList
    SecObj.IPSecurity = MyIPSec
    SecObj.Setinfo
    End Sub
    '添加允許的IP或一組計(jì)算機(jī)，到一個(gè)指定站點(diǎn)上
    Sub AddGrantIP(strWebNo, strGrantIp)
    On Error Resume Next
    Set SecObj = GetObject("IIS://LocalHost/W3SVC/" & strWebNo & "/Root")
    Set MyIPSec = SecObj.IPSecurity
    MyIPSec.GrantByDefault = False
    IPList = MyIPSec.IPGrant
    i = UBound(IPList) + 1
    ReDim Preserve IPList(i)
    IPList(i) = strGrantIp
    MyIPSec.IPGrant = IPList
    SecObj.IPSecurity = MyIPSec
    SecObj.Setinfo
    End Sub
    '添加允許的IP或一組計(jì)算機(jī)，到IIS公共配置，以應(yīng)用到所有站點(diǎn)
    '如果之前對(duì)有些站點(diǎn)單獨(dú)做過(guò)屏蔽IP設(shè)置，在些設(shè)置不會(huì)生效，得在總的網(wǎng)站上設(shè)置一下，然后覆蓋所有子結(jié)點(diǎn)
    Sub AddGrantIP2All(strGrantIp)
    On Error Resume Next
    Set SecObj = GetObject("IIS://LocalHost/W3SVC")
    Set MyIPSec = SecObj.IPSecurity
    MyIPSec.GrantByDefault = False
    IPList = MyIPSec.IPGrant
    i = UBound(IPList) + 1
    ReDim Preserve IPList(i)
    IPList(i) = strGrantIp
    MyIPSec.IPGrant = IPList
    SecObj.IPSecurity = MyIPSec
    SecObj.Setinfo
    End Sub
    '顯示IIS公共配置里禁止訪(fǎng)問(wèn)的IP
    Sub ListDenyIP()
    Set SecObj = GetObject("IIS://LocalHost/W3SVC")
    Set MyIPSec = SecObj.IPSecurity
    IPList = MyIPSec.IPDeny 'IPGrant/IPDeny
    WScript.Echo Join(IPList, vbCrLf)
    ' For i = 0 To UBound(IPList)
    ' WScript.Echo i + 1 & "-->" & IPList(i)
    ' Next
    End Sub