Sign in to follow this  

[web] IIS 5.1 on Windows XP cant block IP addresses?

This topic is 4751 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I'm getting a tons of bizzare requests to websites like (clip from my log files): ..."GET /file/adsWrapper.js - 404 3 4203 351 47 HTTP/1.1 ar.atwola.com"... and I want to go and block these domains because from what I've read, they are AOL Time Warner Ad servers (or something like that). Im clueless as to why they would be requesting all these files from me, and also dont know how they even know I exist at all. And I get this ALL the time..... Sorry, i went on a tangent, back to my question. When I open up IIS 5.1 and right click my web site and choose "Peoperties", then on the "Directory Security" tab, the option to block IP addresses is grayed out. The help file states: "This feature is only available for Windows 2000 Server installations." What the hell? Why would it only be allowed on Win 2000 Servers? I'm running Win XP Pro, so does anyone know how I can block IP adddresses from accessing my server port? [EDIT] its actually IIS 5.1, not 6.0 as I stated before [EDIT]

Share this post


Link to post
Share on other sites
Maybe there's some firewall software out there which lets you allow all ip traffic except for the ip's you've banned. Would probably lower your throughput though.

Some ip's I get are people phishing to see if I'm running a vulnerable IIS install or http proxy. I usually ban those too (I use apache ;) )

Share this post


Link to post
Share on other sites
AFAIK, IIS is supplied with Windows XP Pro only for development and testing, it's not supposed to be used as a production server which would explain why it's 'crippled' from the Windows 2000/3 server versions. Microsoft do, afterall, want to sell expensive server licenses.

One of your options could be to use an ISAPI filter to effectively block connections that match a certain IP range. I found an example (with source code) here.

Share this post


Link to post
Share on other sites
I ran across this packet filter in my search for a way to block ip addresses. It's still in beta and I just started using it so I don't know if it works correctly or not. That being said a particlar repeat offender hasn't shown up in my server logs since so it might be working (knock on wood). It runs as a service and the filter rules are pretty easy to set up.

Share this post


Link to post
Share on other sites

This topic is 4751 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this