I found a cool code snippet at SivaPinnaka.com explaining how to limit WCF service access. System.ServiceModel.OperationContext operationContext = OperationContext.Current; System.ServiceModel.Channels.MessageProperties messageProperties = operationContext.IncomingMessageProperties; System.ServiceModel.Channels.RemoteEndpointMessageProperty endpointMessageProperty = messageProperties[RemoteEndpointMessageProperty.Name] as RemoteEndpointMessageProperty; //If client is not local machine deny access to WCF service if (endpointMessageProperty.Address != "127.0.0.1") { throw new System.Security.SecurityException( "Unauthorized to Access My WCF Service"); }