Back   Home   Security Projects   Blog  

Tropical PC Solutions: IIS IP blocker code

This script was written to help stop automated brute force attacks against your website. Are you tired of seeing www.yourdomain.com\\..\\..\\..cmd.exe in your log files? This script uses a custom 404 page that logs the IP address of the person making the 404 requests and after so many requests it adds that IP to the IIS servers deny list. There is some HOWTO information with the download...Be sure to read the README.html file! To download the original C code as published by Scott Burgett click here. This script is effective against requests made via browser, wget and telnet raw HTTP...maybe more but I only personally tested these. I updated this script to use a safe.log. You can add Ip's you dont want to ban in the safe log. IP's you might not want to ban are those used by Googlebot or Slurp (yahoo bot).

To download this IIS auto blocking IP address program click here.

Sign up for our newsletter and get a free eBook!
Twitter Get the latest, subscribe via Twitter!

Copyright 2009 ...