What is the optimal way to configure IIS to block direct IP access to the server? Direct IP access is only used by malicious scanners that will troll the entire internet by IP looking for vulnerable servers.
I stood up a server only yesterday that is not used anywhere on the internet, and I already have "'/MyAdmin/scripts/setup.php' was not found" in my error logs.
You can use the URL Rewrite feature of IIS to do that:
Add a rule of type "Request blocking":
Block the requests based on host name:
If you know your IP address, you can use it to block requests which use it:
Or you can block all requests which are not using the domain name:
Hope this helps (it took me ages to find that).
Please note that I have no idea of the performance overhead of this usage.
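For reference, the two request-blocking rules described in the answer above can be written directly in the site's web.config. This is an added example, not configuration from the original answer; it assumes the URL Rewrite module is installed, and the address 203.0.113.10 and the host name myhost.example.com are placeholders. The rules are alternatives, so normally only one of them is kept.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- Added example. 203.0.113.10 and myhost.example.com are placeholders. -->
<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <!-- Option 1: block requests whose Host header is the server's IP.
             The optional (:\d+)? covers a Host header that carries a port. -->
        <rule name="Block direct IP access" stopProcessing="true">
          <match url=".*" />
          <conditions>
            <add input="{HTTP_HOST}" pattern="^203\.0\.113\.10(:\d+)?$" />
          </conditions>
          <action type="AbortRequest" />
        </rule>
        <!-- Option 2: block every request whose Host header is NOT the
             site's domain name. negate="true" inverts the match, so this
             also catches other IPs and unknown host names. -->
        <rule name="Block requests not using the domain name" stopProcessing="true">
          <match url=".*" />
          <conditions>
            <add input="{HTTP_HOST}" pattern="^myhost\.example\.com(:\d+)?$" negate="true" />
          </conditions>
          <action type="AbortRequest" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>
```

Condition patterns are case-insensitive regular expressions by default, so the dots in the address and host name are escaped.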
This is, frankly, beneath caring about, however...
In IIS Manager, select the website you wish to protect. Right-click the site and select EDIT BINDINGS.
Then edit the bindings for the protocol/port/IP combination you want. Then, edit the hostname field to include your website name (e.g. myhost.mydomain.com) or a wildcard (e.g. *.mydomain.com).
After that anyone trying to access your website by IP will receive a 404 error. Anyone accessing the website by hostname will view the site normally.
No need to use URL Rewrite (which adds more overhead to the server).