This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 46%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
Hello;
I am trying to protect my Exchange ECP from internet, subject to my research; there are two methods can be used.
(1) Create a new virtual directory like the steps show here, but can I just do it on ECP not OWA? I want to keep the OWA without change.
(2) Using IP Address and Domain Restriction in IIS
I tried to apply it on "Default Web Site | ecp" virtual directly only, but it also blocking the OWA
Is it just apply this to ecp virtual directory without affecting OWA?
thanks!
The administration and maintenance of Microsoft Exchange Server to ensure secure, reliable, and efficient email and collaboration services across an organization.
Depending on Exchange Version:
2019:
2013/2016:
https://blog.expta.com/2018/10/how-to-block-external-access-to.html
This will affect OWA
Or look at:
https://www.codetwo.com/admins-blog/how-to-disable-external-access-to-ecp/
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 22%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKY%3C/text%3E%3C/svg%3E)
Hi @Kane
I agree with Andy, if you are using Exchange 2019, Client Access Rules would be very easy to use without affecting OWA.
However, this feature is not available in former versions of Exchange.
And if you have some firewall or reverse proxy in your environment, I suppose you may also create rules if it is supported to block external requests to the ECP url.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.