A few days ago the IIS Team released yet another cool extension for IIS 7.0, the new extension “Dynamic IP Restrictions” has been released as a beta.
The Dynamic IP Restrictions Extension provides IT Professionals and Hosters a configurable module that helps mitigate or block Denial of Service Attacks or cracking of passwords through Brute-force by temporarily blocking Internet Protocol (IP) addresses of HTTP clients who follow a pattern that could be conducive to one of such attacks. This module can be configured such that the analysis and blocking could be done at the Web Server or the Web Site level.
The Dynamic IP Restrictions includes these key features:
- Blocking of IP addresses based on number of concurrent requests – If HTTP client makes many concurrent requests then that client’s IP address gets temporarily blocked.
- Blocking of IP addresses based on number of requests over a period of time – If HTTP client makes many requests over short period of time then that client’s IP address gets temporarily blocked.
- Various deny actions – it is possible to specify what response to return to an HTTP client whose IP address is blocked. The module can return status codes 403 and 404 or just drop the HTTP connection and do not return any response.
- Logging of dynamically denied requests – all denied requests can be logged into a W3C formatted log file.
- Displaying currently blocked IP addresses – a list of currently blocked IP addresses can be obtained by using IIS Manager or by using IIS RSCA API’s.
- IPv6 – the module fully supports IPv6 addresses.
Download it here:
- Microsoft Dynamic IP Restrictions for IIS 7.0 – Beta (x86)
- Microsoft Dynamic IP Restrictions for IIS 7.0 – Beta (x64)
For more information read this blog post.