Newbie Spellweaver
- Joined
- Jun 30, 2019
- Messages
- 7
- Reaction score
- 3
Hellos RZ,
First things first, I am not an expert at these things and this is not a "this will 100% guarantee to block all DoS attacks" this is just a few things I use to protect my IIS install from them. There are probably much better ways of doing this, and I probably have things that are messed up.. if you know of a better way than please let me know.
This tutorial also presumes you already have IIS installed and configured for your retro.
First thing you want to do is go into your IIS manager, go to your site, and go into Request Filtering.
Hit "Edit Feature Settings" on the right hand side, see screenshot below for my settings.
Click ok then go to the headers tab in request filtering, and add a new header with these entries
Then, go back to your website settings and right click and select "advanced settings" shown below. Then expand the limits tab and set connection timeout to 30. Once done click ok.
Next go up to "Application Pools" and right click the one that shares the name with the website name you have setup. For me, this is default, and select advanced settings. Scroll down until you see "generate process model...." and set "Idle Time-Out (Minutes)" to "1" and "maximum Worker Processes" to 0 as shown
That should be it! hopefully I havn't missed anything!
First things first, I am not an expert at these things and this is not a "this will 100% guarantee to block all DoS attacks" this is just a few things I use to protect my IIS install from them. There are probably much better ways of doing this, and I probably have things that are messed up.. if you know of a better way than please let me know.
This tutorial also presumes you already have IIS installed and configured for your retro.
First thing you want to do is go into your IIS manager, go to your site, and go into Request Filtering.
Hit "Edit Feature Settings" on the right hand side, see screenshot below for my settings.
Click ok then go to the headers tab in request filtering, and add a new header with these entries
Then, go back to your website settings and right click and select "advanced settings" shown below. Then expand the limits tab and set connection timeout to 30. Once done click ok.
Next go up to "Application Pools" and right click the one that shares the name with the website name you have setup. For me, this is default, and select advanced settings. Scroll down until you see "generate process model...." and set "Idle Time-Out (Minutes)" to "1" and "maximum Worker Processes" to 0 as shown
That should be it! hopefully I havn't missed anything!
Attachments
You must be registered for see attachments list