Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

[TUT] Prevent Direct IP IIS Flood using CloudFlare

xHosts.uk - Windows & Linux VPS - Cosmic Guard
[VIP] Member
Joined
Sep 10, 2011
Messages
857
Reaction score
354
Hey everyone

I have had many customers contacting me because of others in the community or ex technical staff on their hotels flooding the IIS directly as they had knowledge of the servers IP address. This may help people that are using providers who will not provide support on such issues or may charge a fee to change an IP address.

This will work on any version of IIS

Firstly you need to download IP Address and Domain Restrictions this can be done via the Microsoft website or using web platform installer, in this tutorial I will use web platform installer

Depending on your server providers DDOS protection by using this method you may not need a TCP proxy


xHosts - [TUT] Prevent Direct IP IIS Flood using CloudFlare - RaGEZONE Forums


You need to choose this option

xHosts - [TUT] Prevent Direct IP IIS Flood using CloudFlare - RaGEZONE Forums


Once this has installed, return to IIS main page and select the IP address and Domain Restrictions icon


xHosts - [TUT] Prevent Direct IP IIS Flood using CloudFlare - RaGEZONE Forums


Once you have opened this tab, right click and choose Add Allow Entry

xHosts - [TUT] Prevent Direct IP IIS Flood using CloudFlare - RaGEZONE Forums


Now you can begin to add IP addresses to the allowed list, as this tutorial is showing you how to allow CloudFlare IP addresses only I will show you how to add these ranges, thew same method applies to both IPv4 and IPv6

You can find the latest IP ranges list here on the CloudFlare website



You add the IP address and the number after the slash into the Mask or Prefix box, you do this for each range from the CloudFlare website

xHosts - [TUT] Prevent Direct IP IIS Flood using CloudFlare - RaGEZONE Forums


Next you need to Configure IIS to enforce the allowed list

xHosts - [TUT] Prevent Direct IP IIS Flood using CloudFlare - RaGEZONE Forums



You need to select the Edit Feature Settings option on the right side of the IP and Domain Restrictions window you have open


xHosts - [TUT] Prevent Direct IP IIS Flood using CloudFlare - RaGEZONE Forums


You need to now set the Access for unspecified clients to Deny

xHosts - [TUT] Prevent Direct IP IIS Flood using CloudFlare - RaGEZONE Forums


You need to set the Deny action type to Abort or the connections will still be allowed to make an attempted connection making this useless

If you need to still access your server locally add 127.0.0.1 to the allowed list and visit instead of

This will not stop all DDOS attacks but can help prevent direct IIS flooding and possibly remove the need for a TCP proxy too.
 
Initiate Mage
Joined
Mar 25, 2011
Messages
75
Reaction score
2
Thanks man! I had a support on devbest, i used this tutorial!
Really thanks for this tut!
 
Joined
Dec 16, 2011
Messages
1,993
Reaction score
631
For anyone who would be running off alternative options such as Nginx, Apache, or other webservers - you can also find a "Whitelist" type plugin/firewall and use the same concept. It's generally easier to whitelist rather than blacklist in these instances, as it will help to prevent unauthorized access and doing so can throw-off people as it would appear they have the wrong IP address.

Good tutorial NOC - the implementation of small things such as this whitelist is one of many crucial components to successfully setting up a secure virtual server. I think people, especially new people to virtual hosting, have no idea that there's more to it than just purchasing a VPS and away you go.
 
xHosts.uk - Windows & Linux VPS - Cosmic Guard
[VIP] Member
Joined
Sep 10, 2011
Messages
857
Reaction score
354
For anyone who would be running off alternative options such as Nginx, Apache, or other webservers - you can also find a "Whitelist" type plugin/firewall and use the same concept. It's generally easier to whitelist rather than blacklist in these instances, as it will help to prevent unauthorized access and doing so can throw-off people as it would appear they have the wrong IP address.

Good tutorial NOC - the implementation of small things such as this whitelist is one of many crucial components to successfully setting up a secure virtual server. I think people, especially new people to virtual hosting, have no idea that there's more to it than just purchasing a VPS and away you go.

I am always ready to give advice from my own experiences, I remember buying my first server in very early teens which is 17 + years ago now and thought it was simple thing, buy VPS, setup web server, sql and away I go but learnt a lot over the years and found security is even more important these days with the amount of people ready to attack a website for no real reason other than to get their rocks off over copy and pasting a IP address and clicking the big red button.
 
Back
Top