'IIS Authorization Rules multiple Groups levels web.config

I am currently using the following in my IIS 10 web.config to limit access to my website. We have planed to add another group here to give access to some parts of the website to other users.

My questions is what is best approach here?

<security>
     <authorization>
        <remove users="*" roles="" verbs="" />
        <add accessType="Allow" users="" roles="WebSuperUsers" />
     </authorization>
  </security>

New group needs to have access to index file in root and some other pages located under different folders.

iisiis-10


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

ASP.NET: HTTP Error 500.19 – Internal Server Error 0x8007000d

The server response was: 5.7.0 Must issue a STARTTLS command first. i16sm1806350pag.18 - gsmtp

What is "AppOffline" which prevents my bot application from getting published to the IIS web server?

Getting error "403 - Forbidden: Access is denied" on browser when user is NOT administrator

Chrome WebDriver does not open when called from IIS

"There was an error while performing this operation"

Cannot establish connection to SQL Server

Is there a way to produce an alert when an IIS site goes down using Prometheus?

HTTP error 403.16 - client certificate trust issue

CSS, Images, JS not loading in IIS

Can't open web project because IIS Express is not installed (even though it is)

IIS font not applying

Testing web API service

WEBAPI not working when i add server ip address instead of name?

How to attach to IIS process (w3wp.exe) on Windows 10/IIS 10?