Dynamic IP Restrictions for IIS

There is a new extension for IIS - currently in beta 2 - that helps mitigate or block a denial of service or brute force attack. It's called the The Dynamic IP Restrictions Extension for IIS.

You can read details about it above, but basically it enables a few new settings that can be set server wide or per site. It provides control over "allow" and "deny" rules that you can set to reject connections from certain IP addresses. It also has some flow control settings that will reject connections from a certain IP address if they exceed certain thresholds - like more than X connections at once or more than Y connections within a certain period of time.

It installed easily during my tests and was fairly intuitive to both find and configure. Whether you have in-house servers or hosted Windows (even cloud) servers, it might be worth dropping this onto your site just in case it is needed in the future. If you are an OrcsWeb client with Complete Care Managed Services just mention to your support team and they can install it for you.