How to Block IP Addresses Quickly in IIS

Published: at 04:35 PM

This guide provides instructions on how to quickly block IP addresses using IIS (Internet Information Services) configuration settings. Blocking IP addresses can help protect your website from malicious traffic and unauthorized access.

Using IIS

  1. Open IIS Manager: Launch IIS Manager on your server.
  2. Select Your Site: In the left-hand Connections pane, expand the server node and select the site you want to configure.
  3. Open IP Address and Domain Restrictions: In the middle pane, double-click on “IP Address and Domain Restrictions.”
  4. Add Deny Entry: In the Actions pane on the right, click on “Add Deny Entry.”
  5. Enter IP Address: In the dialog box, enter the IP address or range of IP addresses you want to block. Click “OK” to save the entry.
  6. Apply Changes: Click “Apply” in the Actions pane to apply the changes.

For more detailed information, refer to the Microsoft documentation.

Using web.config

The following configuration sample adds two IP restrictions to the Default Web Site; the first restriction denies access to the IP address 192.168.100.1, and the second restriction denies access to the entire 169.254.0.0 network IP Security 

<?xml version="1.0"?>
<configuration>
   <system.webServer>
      <security>
         <ipSecurity>
            <add ipAddress="192.168.100.1" />
            <add ipAddress="169.254.0.0" subnetMask="255.255.0.0" />
         </ipSecurity>
      </security>
   </system.webServer>
</configuration>
Previous Post
Immediate Actions for Ecommerce Security Breach
Next Post
Testing APIs in Visual Studio Using .http Files