Blocking requests from specific IPs using IIS Rewrite module
I'm trying to block a range of IP that is sending tons of spam to my blog. I can't use the solution described here because it's a shared hosting and I can't change anything to the server configuration. I only have access to a few options in Remote IIS.
I see that the URL Rewrite module has an option to block requests, so I tried to use it. My rule is as follows in web.config
:
<rule name="BlockSpam" enabled="true" stopProcessing="true">
<match url=".*" />
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{REMOTE_ADDR}" pattern="10\.0\.146\.23[0-9]" ignoreCase="false" />
</conditions>
<action type="CustomResponse" statusCode="403" />
</rule>
Unfortunately, if I put it at the end of the rewrite rules, it doesn't seem to block anything... and if I put it at the start of the list, it blocks everything! It looks like the condition isn't taken into account.
In the UI, the stopProcessing
option is not visible and is true
by default. Changing it to false
in web.config
doesn't seem to have any effect.
I'm not sure what to do now... any ideas?
Solution 1:
#1 WP Plug-in
Wordpress, check out the follow, you may or may not need a plug-in
- Read this link discuss various WP anti-spam plugin and tuning WP setting so you don't need plugin.
- Top 10 WP Anti-spam plugin
- Wordpress plugin page
Since you do have control over the web server, installing plugin should be no problem.
#2 IIS Web.config
IP base blocking can be done with IIS Web.config, following is example for allowing all but blocking specific IPs
<security>
<ipSecurity allowUnlisted="true"> <!-- this line allows everybody, except those listed below -->
<clear/> <!-- removes all upstream restrictions -->
<add ipAddress="83.116.19.53"/> <!-- blocks the specific IP of 83.116.19.53 -->
<add ipAddress="83.116.119.0" subnetMask="255.255.255.0"/> <!--blocks network 83.116.119.0 to 83.116.119.255-->
<add ipAddress="83.116.0.0" subnetMask="255.255.0.0"/> <!--blocks network 83.116.0.0 to 83.116.255.255-->
<add ipAddress="83.0.0.0" subnetMask="255.0.0.0"/> <!--blocks entire /8 network of 83.0.0.0 to 83.255.255.255-->
</ipSecurity>
</security>
More info in this link.
#3 IIS Web.config rewrite
Found following here, maybe you can try it.
<!-- Heading for the XML File -->
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<!-- This is where the rules start, this one will block EVERYTHING on your site with the <match url=".*" /> -->
<rules>
<rule name="Blocked Users" stopProcessing="true">
<match url=".*" />
<conditions>
<!-- This will just go to the 'Bad Ips' rewriteMap below and compare it to the REMOTE_ADDR which is the requesting IP -->
<add input="{Bad Ips:{REMOTE_ADDR}}" pattern="1" />
</conditions>
<!-- Actions can be Custom Rewrite, Redirect, or Just Abort Request, uncomment examples as needed -->
<action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
<!-- This one will rewrite url to specified file
<action type="Rewrite" url="error.html" appendQueryString="false" /> -->
<!-- This on will redirect to another site
<action type="Redirect" url="http://www.google.com" appendQueryString="false" /> -->
<!-- This one will just Abort
<action type="AbortRequest" /> -->
</rule>
</rules>
<!-- This rewrite Map is where you choose your blocked IP's, values with 1 are blocked, all others are ignored, simple add your keys -->
<rewriteMaps>
<rewriteMap name="Bad Ips">
<!-- This one will use wildcards -->
<add key="108.166.*.*" value="1" />
<!-- This one wil use static IP -->
<add key="12.13.15.16" value="1" />
</rewriteMap>
</rewriteMaps>
</rewrite>
</system.webServer>
</configuration>