[Practice] Setting an IP Blacklist for Access in IIS 10

Posted on 3/6/2022 10:36:44 AM
Requirements: A colleague's website is running a small campaign, and its order interface has been called 50,000 times, with 99% of the resulting orders unpaid: someone is maliciously requesting the interface with a program. The website has no traffic throttling rules or security policies, so the only temporary solution is to blacklist the requester's IP and refuse service to the malicious requester.

The website runs on a cloud server and requests reach the IIS site directly, with no intermediate layer such as a load balancer, so IIS can obtain the user's IP address directly.

The requester's IP address is recorded for every order placed on the website, so it is easy to identify the attacker's IP addresses with a GROUP BY query on the database.

If the requester's IP address is not recorded and the request is made concurrently, you can refer to the following:

Windows PowerShell to find the attacker's IP
https://www.itsvse.com/thread-3423-1-1.html

How do I ban an IP address?

1. IPs can be blocked through the inbound rules of the firewall. The Windows firewall is not turned on on this server, and since it is not turned on, don't turn it on now; otherwise it may affect the normal operation of existing programs on the server.

2. Log in to the cloud provider's ECS console and block the IP through security groups.

3. Use IIS's IP and Domain Restrictions feature to set up an IP blacklist. The tutorial is as follows:

Log in to the server -> Open Server Manager -> Add Roles and Features -> Web Server -> Security -> IP and Domain Restrictions, check it and click Next to install, as shown in the figure below:



Open IIS Manager, find the website, and select IP and Domain Restrictions on the right, as shown in the image below:



First, test the website before adding the IP to the blacklist. Normal access is possible, as shown below:



Add my local machine's public IP as an IIS deny entry, as shown in the image below:



Visit the site again in the local browser and it returns a 403 error, as shown in the image below:

403 - Access Prohibited: Access denied.
You are not authorized to view this directory or pages using the credentials provided.
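
The GUI steps above can also be scripted, which helps when many attacker IPs come out of the database query. The following PowerShell is an added example, not part of the original post; the site name and the addresses in the deny list are placeholder assumptions to be replaced with the affected site and the IPs found in the order records.

```powershell
#Requires -RunAsAdministrator
Import-Module WebAdministration

# Assumptions: replace with the affected site and the IPs found in the order table.
$siteName = 'Default Web Site'
$denyList = @('203.0.113.10', '203.0.113.11')   # constructed RFC 5737 sample addresses

# Install the "IP and Domain Restrictions" role service if it is missing.
if (-not (Get-WindowsFeature -Name Web-IP-Security).Installed) {
    Install-WindowsFeature -Name Web-IP-Security | Out-Null
}

# ipSecurity is locked below applicationHost.config by default, so write there
# and scope the entries to the site with -Location.
$psPath = 'MACHINE/WEBROOT/APPHOST'
$filter = 'system.webServer/security/ipSecurity'

foreach ($ip in $denyList) {
    # Skip strings that do not parse as an IP address before they reach the config.
    $parsed = $null
    if (-not [System.Net.IPAddress]::TryParse($ip, [ref]$parsed)) {
        Write-Warning "Skipping invalid address: $ip"
        continue
    }
    # A duplicate <add> entry makes the add call fail, so check for it first.
    $existing = Get-WebConfiguration -PSPath $psPath -Location $siteName `
        -Filter "$filter/add[@ipAddress='$ip']"
    if ($existing) { Write-Host "Already listed: $ip"; continue }

    # Equivalent to adding a deny entry in IIS Manager.
    Add-WebConfigurationProperty -PSPath $psPath -Location $siteName -Filter $filter `
        -Name '.' -Value @{ ipAddress = $ip; allowed = 'False' }
    Write-Host "Denied: $ip"
}

# List the resulting entries for review.
Get-WebConfiguration -PSPath $psPath -Location $siteName -Filter "$filter/add" |
    Select-Object ipAddress, subnetMask, allowed
```

With the default deny action, clients on the list receive the same 403 response shown above.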





