Today I found myself having to configure IIS under Windows Server 2008 and I needed to restrict access to a specific directory by IP address. It was quite tricky to figure out how to do this due to Microsoft's idiotic way of presenting what could easily be a straight forward user interface operation...
What follows are the steps involved to block all IPs in IIS, and granting access to one specific IP. As fa as I can tell this will work both on a site and a directory level (in my case it was a virtual directory that needed restricting).Step 1: Click the 'Add Allow entry' option
Step 2: Add the IP address you wish to allow access
Step 3: Select the IP entry in the list (there's only one in this case) and then click the 'Edit Feature Settings' option
Step 4: Select 'Deny' in the dropdown menu - this blocks all IPs that are not listed
Hope this helps someone.