« Previous Next »

• 10-13-2008, 9:33 AM

  RickyE Joined on 10-13-2008, 9:26 AM Posts 2	URLSCAN logging only option? Reply Contact Does anyone know if there is a way to have URLSCAN only log what it would block?  We'd like to use on a production server, but we don't want to actually block requests until we've tuned the ruleset. We do have a development server, but I can't guarantee testing there would cover 100% of all the usage scenarios.  We're on IIS6. Thanks, Rick
  	Tags: UrlScanUrlScan 3.0

• 10-13-2008, 2:55 PM

  In reply to

  steve schofield Joined on 06-10-2002, 8:54 PM MI Posts 3,890	Re: URLSCAN logging only option? Reply Contact That isn't possible, but is a great feature request. Steve Schofield Windows Server MVP - IIS http://weblogs.asp.net/steveschofield http://www.IISLogs.com Log archival solution Install, Configure, Forget

• 10-14-2008, 9:48 PM

  In reply to

  naziml Joined on 03-10-2008, 6:25 PM Posts 41	Re: URLSCAN logging only option? Reply Contact You can put UrlScan into logging only mode by setting RejectResponseUrl=/~* When you trigger rules, the log file will actually say its only logged and not blocked.

• 10-14-2008, 10:28 PM

  In reply to

  steve schofield Joined on 06-10-2002, 8:54 PM MI Posts 3,890	Re: URLSCAN logging only option? Reply Contact Hmm.  Is that a undocumented 'feature'? Steve Schofield Windows Server MVP - IIS http://weblogs.asp.net/steveschofield http://www.IISLogs.com Log archival solution Install, Configure, Forget

• 10-14-2008, 10:31 PM

  In reply to

  naziml Joined on 03-10-2008, 6:25 PM Posts 41	Re: URLSCAN logging only option? Reply Contact Its actually documented in the urlscan.ini file and in the walkthroughs on http://learn.iis.net/page.aspx/476/common-urlscan-scenarios/

• 10-17-2008, 9:08 PM

  In reply to

  RickyE Joined on 10-13-2008, 9:26 AM Posts 2	Re: URLSCAN logging only option? Reply Contact Thanks! That's exactly what I needed. I swear I looked and googled everywhere I could think and didn't find that. Ah well. -Rick