Wednesday, March 5, 2008

Blocking IP addresses from accessing your ftp accounts in IIS

To block IP addresses from accessing your ftp accounts, you need to add them to the block list on IIS's "Directory Security" tab. You have two options when applying these IP blocks: you can apply them so that the IPs cannot access any ftp account on your server, or so that they cannot access only specific ones.

Step 1) Remote Desktop into your server using an account with administrator privileges
Step 2) Click Start>Control Panel>Administrative Tools
Step 3) Open Computer Management
Step 4) Scroll Down to and select Internet Information Services (IIS) Manager
Step 5a) To block an IP from accessing all ftp sites on your server right click on the "FTP Sites" entry on the right side of the window.
Step 5b) To block an IP from accessing only a particular ftp site double click on the "FTP Sites" entry on the right side of the window. It should now display a list of websites hosted on your server. Right click on the necessary ftp account.
Step 6) After right clicking, a popup menu should be displayed. Select "Properties".
Step 7) Select the "Directory Security" tab. There should be a black dot next to the "Granted Access" radio button, which means that all IPs can access your ftp accounts.
Step 8) Click the "Add" button, which will open a new window that lets you block specific IP addresses.
Step 9a) To block a single IP select the "Single Computer" radio button and type in the IP address in the white box towards the bottom.
Step 9b) To block a group of computers based on their netblock, select the "group of computers" radio button and type in the IP address and Subnet mask.
Step 10) Click the "OK" button
Step 11) Repeat steps 8-10 until all IPs are blocked.
Step 12) On the left hand tree, right click on the "Internet Information Services (IIS) Manager" entry and select All Tasks > Restart IIS. Your server should now block access from those IPs to your ftp accounts.
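
Before typing entries into the dialog in steps 9a/9b, it helps to check what each address and subnet mask pair actually covers. The following is an added example, not part of the original post: it assumes an entry matches when the client address ANDed with the mask equals the entry address ANDed with the mask, and the sample addresses and the protected admin address are constructed.

```python
import ipaddress

# Constructed sample entries, as typed into the dialog in steps 9a/9b:
# ("single", ip) or ("group", ip, subnet_mask). Addresses are documentation ranges.
DENY_RULES = [
    ("single", "203.0.113.45"),
    ("group", "198.51.100.0", "255.255.255.0"),
    ("group", "192.0.2.77", "255.255.255.240"),  # address has host bits set
    ("group", "203.0.113.0", "255.255.0.255"),   # mask is not contiguous
]

def to_network(rule):
    """Return the IPv4 network a deny entry covers (ValueError if the mask is invalid)."""
    if rule[0] == "single":
        return ipaddress.ip_network(rule[1] + "/32")
    # Assumption: an entry matches when (client AND mask) == (address AND mask),
    # so host bits in the address are masked off (strict=False).
    return ipaddress.ip_network(f"{rule[1]}/{rule[2]}", strict=False)

def audit(rules, keep_allowed):
    """Return (networks, findings); keep_allowed are IPs that must not be blocked."""
    networks, findings = [], []
    for rule in rules:
        try:
            net = to_network(rule)
        except ValueError as exc:
            findings.append(f"{rule[1]}: invalid entry ({exc})")
            continue
        networks.append(net)
        if rule[0] == "group" and str(net.network_address) != rule[1]:
            findings.append(f"{rule[1]}/{rule[2]}: host bits set, covers {net}")
        for ip in keep_allowed:
            if ipaddress.ip_address(ip) in net:
                findings.append(f"{net} would block protected address {ip}")
    return networks, findings

def is_denied(client_ip, networks):
    """'Granted Access' is the default, so a client is denied only if an entry matches."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in networks)

if __name__ == "__main__":
    nets, problems = audit(DENY_RULES, keep_allowed=["198.51.100.10"])
    for net in nets:
        print(f"deny {net} ({net.num_addresses} addresses)")
    for p in problems:
        print("WARNING:", p)
```

Put the address you administer the server from in `keep_allowed` so that a netblock entry that would lock you out of your own ftp accounts is flagged before you apply it.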

Removing IPs from the block list
Step 1) Repeat steps 1-7 from above to get back to the "IP Address and Domain Name Restrictions" window.
Step 2) Select the IP rule from the "Except the following:" list and click the remove button.
Step 3) On the left hand tree, right click on the "Internet Information Services (IIS) Manager" entry and select All Tasks > Restart IIS.

If you find yourself applying a large number of rules to your server, it might be time to consider a true firewall-based solution, as your server's performance would suffer less if offending traffic were blocked before it ever reached the server.
