« Previous Next »

• 10-15-2009, 11:49 AM

  rsloman Joined on 10-15-2009, 3:40 PM Oxfordshire, UK Posts 5

  Blocking unwanted requests Reply Contact Hello guys, long time IIS admin and forum browser, but first time poster! I'm currently working on a wildcard ISAPI extension to block unwanted (or undesirable) requests as I found URLScan didn't meet my needs, and while there are other options available out there I wanted a single more complete package so decided to write one. I've currently got it to the point where I'm happy for other people to "have a go" with it, details are at http://www.richardsloman.com/other/how_to_block_user_agents_in_iis.asp I'd appreciate any comments, positive or otherwise, ideas for what to add etc. It's currently tuned to my setup, but you can change the settings in the .cf files in notepad.

• 10-18-2009, 3:13 PM

  In reply to

  Rovastar Joined on 03-13-2008, 2:00 PM London, UK Posts 1,796

  Re: Blocking unwanted requests Reply Contact I haven't looked at this yet but you state (one of) the reason(s) for creating this is that URLScan 3.x cannot block Useragent strings. "This led me onto Microsoft's URLScan tool, which while it looked ideal wasn't able to block specific User-Agent strings, rendering it fairly useless." It can. http://blogs.iis.net/rakkimk/archive/2009/06/12/urlscan-rejecting-the-request-depending-on-the-user-agent-string.aspx   http://www.iisportal.com

• 10-19-2009, 3:24 AM

  In reply to

  rsloman Joined on 10-15-2009, 3:40 PM Oxfordshire, UK Posts 5	Re: Blocking unwanted requests Reply Contact I stand corrected! It certainly wasn't available when I first started developing my extension, and to be honest I didn't recheck the URLScan page to see if it had been added. I still suspect it won't be as powerful though.

• 10-22-2009, 1:17 PM

  In reply to

  leewilmott Joined on 01-18-2008, 3:26 PM Posts 2	Re: Blocking unwanted requests Reply Contact rsloman, This could be of interest to me. URLScan doesn't seem flexible enough.  I would like to block "ALL" User-Agent strings with the exception of ones I specify.  URLScan on the other hand only blocks specified User-Agent strings. Does your filter allow this? Lee

• 10-22-2009, 2:06 PM

  In reply to

  rsloman Joined on 10-15-2009, 3:40 PM Oxfordshire, UK Posts 5

  Re: Blocking unwanted requests Reply Contact Hi Lee, It wouldn't allow you to do this at present, however I could add the facility to whitelist specific matching user agents. I must confess it doesn't strike me as a particularly good idea though. You could have a vanilla browser, whitelist it's user-agent string then go an install something that alters or extends that string (like the .net framework, or a helper object) and it would then be blocked.....

• 10-23-2009, 6:00 AM

  In reply to

  rsloman Joined on 10-15-2009, 3:40 PM Oxfordshire, UK Posts 5	Re: Blocking unwanted requests Reply Contact For those that are trying this I've uploaded a revised version (1.0.0.2). There's some speed increases and some new features (like scanning form data and referer) and I've added some documentation on the webpage about the possible commands and their uses. http://www.richardsloman.com/other/IISDefender