Hi, as I commented above, I don't think there is really any good solution for you. You really can't block or prevent even seeing the ECP directory without affecting OWA.
OWA and ECP are intertwined and OWA relies on the ECP virtual directory for user options.
Block Microsoft Exchange Server 2016 Exchange Admin Center (EAC) website from Internet
Hi,
As per requirements from our customer to restrict EAC from External network, We have configured Exchange 2016 servers configured with Option 2 using the article below:
As per customer security requirements, EAC/ECP website URL should not be accessible and should be blocked without impacting OWA accessibility for the users from Exchange Servers. Need help if this can be achieved using Exchange Server Configurations.
NOTE: By following the above article, EAC access is restricted but the EAC login page is still accessible by all the users.
-
Andy David - MVP 148K Reputation points MVP
2020-08-08T01:51:06.51+00:00
2 additional answers
Sort by: Most helpful
-
Lucas Liu-MSFT 6,176 Reputation points
2020-08-05T05:27:46.387+00:00 Hi Abdullah-salam,
You could install IP and Domain Restrictions role and set up restrict EAC from External network in IIS. Please follow the steps below:- In Server Manager, click the Manage menu, and then click Add Roles and Features.
- In the Add Roles and Features wizard, click Next. Select the installation type and click Next. Select the destination server and click Next.
- On the Server Roles page, expand Web Server (IIS), expand Web Server, expand Security, and then select IP and Domain Restrictions. Click Next.
- After you install the IP and Domain Restrictions role, you could set up IP and Domain Restrictions in IIS.
Please note that based on the previous similar case, install this feature may cause all user access interruption for a few minutes, and then it will be restored.
For more information you could refer to: Adding IP Security
-
Andy David - MVP 148K Reputation points MVP
2020-08-04T13:28:27.65+00:00 Take a look at these articles and test it out:
https://www.alitajran.com/disable-external-access-to-ecp-exchange-2016/
https://blog.expta.com/2018/10/how-to-block-external-access-to.html