7,923 questions
hello,
you can Blocked this URL from Enpoint with the GPO : Sensitive Sites in Internet Option .
best regards .
Exchange ECP Restriction
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 16%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMN%3C/text%3E%3C/svg%3E)
Mohammed Nadeem
161
Reputation points
Hi
Can we restrict Exchange 2013 ECP URL base on IP address ?
Exchange | Exchange Server | Management
Windows for business | Windows Server | User experience | Other
20,212 questions
{count} vote
-
KyleXu-MSFT 26,396 Reputation points2022-02-09T08:05:52.97+00:00 I am writing here to confirm with you any update about this thread now.
If the suggestion below helps, please feel free to accept it as an answer to help more people.
Sign in to comment
4 answers
Sort by: Most helpful
-
-
Andy David - MVP 157.8K Reputation points MVP Volunteer Moderator2022-02-06T13:48:07.76+00:00 -
KyleXu-MSFT 26,396 Reputation points
2022-02-07T06:44:51.343+00:00 If you are using Exchange 2013/2016, you could use the "IP and Domain Restrictions" as said in the blog that AndyDavid provided.
In Exchange 2019, there exists a new function which is called Client Access Rules also could block access to the EAC based on IP Address. Due to Exchange 2013 will end of supported on "Apr 11, 2023", you could consider deploying Exchange 2019 as Internet facing server in the future.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
-
Mohammed Nadeem 161 Reputation points
2022-02-10T06:18:02.48+00:00 Hi
We are already using "IP and omain restriction" for OWA restriction for users and have around 10 vlans in it.
Same vlans we have added in ecp profile as well in IIS pool.
Those vlans can open ecp and we can't remove this vlan from ecp profile otherwise user wont' be able to change their password from owa.
-
KyleXu-MSFT 26,396 Reputation points
2022-02-14T08:37:37.003+00:00 You may need to update Exchange to Exchange 2016 or later.
For Exchange 2013, OWA setting needs to use "https://FQDN/ecp/~~~"
From Exchange 2016 and later, OWA setting will not use that one:
Sign in to comment -