Replace the 2nd part of the conditional after || on line #37 in Default.aspx

 ServiceResolver.Current.Resolve<Nuget.Server.Core.Infrastructure.ISettingsProvider>().GetBoolSetting("allowRemoteCacheManagement", false))

with this:

ConfigurationManager.AppSettings["allowRemoteCacheManagement"]=="false"

Sometimes, too sophisticated is too sophisticated. This is an example of releasing untested code: something that should be considered shameful but which became mainstream.

Then replace "false" with "true" on line 114 of Web.config, to allow remote cache management.

Alternatively, remove the check for remote requests altogether because it does nothing of value for us: the local nuget server is meant to be accessed remotely, so restricting it to localhost serves no purpose because a so restricted server does nothing more than a local folder set up as nuget server in VS. Some solutions are overengineered, and this one is too.