Wednesday, March 5, 2008

Blocking IP addresses from accessing your websites in IIS

To block IP addresses from accessing your website, add them to the block lists under IIS's "Directory Security" settings. You have two options when applying these IP blocks: you can apply them so that the IPs cannot access any of the websites on your server, or so that they cannot access only specific sites.

Step 1) Remote Desktop into your server using an account with administrator privileges.
Step 2) Click Start>Control Panel>Administrative Tools
Step 3) Open Computer Management
Step 4) Scroll Down to and Select Internet Information Services (IIS) Manager
Step 5a) To block an IP from accessing all websites on your server right click on the "Web Sites" entry on the right side of the window.
Step 5b) To block an IP from accessing only a particular website double click on the "Web Sites" entry on the right side of the window. It should now display a list of websites hosted on your server. Right click on the necessary website.
Step 6) After right clicking, a popup menu should be displayed. Select Properties.
Step 7) Select the "Directory Security" tab and click Edit in the "IP address and domain name restrictions" section (it will be the middle section, second button from the top).
Step 8) A new window should open. There should be a black dot next to the "Granted Access" radio which means that all IPs can access your web server. Click the add button which will open a new window that lets you block specific IP addresses.
Step 9a) To block a single IP select the "Single Computer" radio button and type in the IP address in the white box towards the bottom.
Step 9b) To block a group of computers based off their netblock select the "group of computers" radio button and type in the IP address and Subnet mask into their appropriate boxes.
Step 10) Click the "OK" button
Step 11) Repeat steps 8-10 until all IPs are blocked.
Step 12) On the left hand tree, right click on the "Internet Information Services (IIS) Manager" entry and select All Tasks > Restart IIS. Your server should now block access from those IPs to your websites.
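
Before entering the rules from steps 9a and 9b, it helps to preview exactly which addresses each one covers, so a "group of computers" rule does not block more than intended. The following is an added example, not part of the original post: it assumes standard subnet-mask matching, the function names are hypothetical, and the addresses are constructed samples from documentation ranges.

```python
import ipaddress

def make_rule(ip, mask=None):
    """Step 9a (single computer) when mask is None, else step 9b (IP + subnet mask)."""
    if mask is None:
        return ipaddress.ip_network(f"{ip}/32")
    # strict=False masks off host bits, so 203.0.113.77 / 255.255.255.192
    # becomes 203.0.113.64/26; a non-contiguous mask raises ValueError.
    return ipaddress.ip_network(f"{ip}/{mask}", strict=False)

def coverage(rule):
    """First address, last address and size of the range a rule matches."""
    return str(rule[0]), str(rule[-1]), rule.num_addresses

def is_blocked(client, rules):
    """Model of 'Granted Access' plus 'Except the following': listed = blocked."""
    addr = ipaddress.ip_address(client)
    return any(addr in rule for rule in rules)

# Constructed sample data (RFC 5737 documentation ranges, not real offenders).
RULES = [
    make_rule("198.51.100.23"),                     # single computer
    make_rule("203.0.113.77", "255.255.255.192"),   # group of computers
]
CLIENTS = ["198.51.100.23", "198.51.100.24", "203.0.113.70", "203.0.113.130"]

def preview(rules=RULES, clients=CLIENTS):
    """Map each sample client address to True (blocked) or False (allowed)."""
    return {c: is_blocked(c, rules) for c in clients}

if __name__ == "__main__":
    for rule in RULES:
        print(rule, coverage(rule))
    for client, blocked in preview().items():
        print(client, "BLOCKED" if blocked else "allowed")
```

Run it with the IP and subnet mask you plan to type into the dialog and check the reported range against the addresses you actually want to block.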

To remove an IP from the block list, repeat steps 1-7 from above to get back to the "IP Address and Domain Name Restrictions" window. Once there, select the IP rule from the "Except the following:" list and click the Remove button. Once all IPs have been removed, restart IIS as described in step 12. If you find yourself applying a large number of rules, you might want to consider purchasing a firewall solution, as your server's performance would suffer less if offending traffic were blocked from ever reaching the server in the first place.
