Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: How do I block sites from accessing IIS webserver

01 Aug 2009   #1
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 
How do I block sites from accessing IIS webserver

Hi guys
Not sure if question should be here or in Networking

Is there a way of BLOCKING some incoming sites from possibly accessing your web servers. Note this is for a HOME webserver with a bog standard home router -- so no corporate type of hardware firewall etc.

Using W7 X-64 build 7137 with latest IIS server installed

Looking at the Router log I see some entries like this I've blanked out the destination for obvious reasons)

TCP Packet - Source:125.65.165.139,12200 Destination:- [Web Server rule match]
Thu, 2009-07-30 09:43:03 - TCP Packet - Source:222.208.183.218,12200 Destination: - [Web Server rule match]
Thu, 2009-07-30 10:45:54 - TCP Packet - Source:222.208.183.218,12200 Destination:- [Web Server rule match]
Thu, 2009-07-30 11:49:15 - TCP Packet - Source:222.208.183.218,12200 Destination: - [Web Server rule match]
Thu, 2009-07-30 11:59:33 - TCP Packet - Source:125.65.165.139,12200


The IP 's found from the WHOIS IP site are

125.65.165.139 - Geo InformationIP Address125.65.165.139Host125.65.165.139Location CN, ChinaCityChengdu, 32 -OrganizationCHINANET Sichuan province networkISPCHINANET Sichuan province networkAS NumberAS4134 No.31,Jin-rong Street


and
222.208.183.218 - Geo InformationIP Address222.208.183.218Host222.208.183.218Location CN, ChinaCityChengdu, 32 -OrganizationCHINANET Sichuan province networkISPCHINANET Sichuan province networkAS NumberAS4134 No.31,Jin-rong Street


Any network gurus out there -- what do I need to do now if anything

BTW it doesn't look like they've logged on or anything -- decent passwords / firewalls / closed ports and router remote facility is turned off.

Cheers
jimbo


My System SpecsSystem Spec
.
01 Aug 2009   #2
Orbital Shark

 
 

Hi Jimbo,

I'm no IIS/network/security guru but can't you set your router to deny certain Sites/IP addresses from 'passing' through your router?

For example:
Name:  Capture.PNG
Views: 50
Size:  39.3 KB

Sorry, only think I can think of


My System SpecsSystem Spec
01 Aug 2009   #3
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

Hi there
I think the Router allows you to block users on your OWN site from accesssing specific web sites so for example you can prevent kids from having access to undesirable sites (Porn etc etc).

What I want is the OTHER way round - block certain IP addresses from accessing mi IIS server.

More expensive (Commercial type) routers seem to allows this but I can't seem to do ir with a cheap "Domestic" type router.

With security being more of an issue now I really think this feature should be implemented IN THE ROUTER.

Whatever one thinks of AV software and firewalls IMO it would also be helpful to block certain IP addresses from being able to attempt to logon in the first place.

I've changed the default IIS port but that won't stop a determined person from trying all possible ports -- would delay them a bit -- and I change it once a week in any case.

I'm not an expert at all in this stuff especially Windows networking although I have used an apache server on a linux box where you can configure "Black Lists" of domains and IP addresses.

Maybe the Forum software might have some idea as they can obviously ban people and know their IP addresses.

Cheers
jimbo
My System SpecsSystem Spec
.

01 Aug 2009   #4
zigzag3143

Win 8 Release candidate 8400
 
 

Jim

My linksys does have site blocking by either url, or ip. Im not sure how many sites it would allow but. could also block by country suffix, (ie cn) or ip range.

Ken
My System SpecsSystem Spec
01 Aug 2009   #5
jimbo45

Linux CENTOS 7 / various Windows OS'es and servers
 
 

Quote   Quote: Originally Posted by zigzag3143 View Post
Jim

My linksys does have site blocking by either url, or ip. Im not sure how many sites it would allow but. could also block by country suffix, (ie cn) or ip range.

Ken
Hi there
can you check that because I think that the Router will block those sites from being accessed by computers INSIDE your network.


I want to block those IP addresses from acessing my site from OUTSIDE the router (I.E from the "Public Internet")

My router can block sites / IP addresses but only it seems to prevent computers on the network from acessing those sites.

I tested with a 2nd (DIFFERENT) network -- I blocked the IP address via the router -- that worked as I couldn't access the home page on the server on the 2nd network but it didn't stop the computer from the 2nd network from accessing the home page of the IIS server on the computer of the FIRST network -- i.e I couldn't block an INWARD request from the "general Internet".

Cheers
jimbo
My System SpecsSystem Spec
01 Aug 2009   #6
zigzag3143

Win 8 Release candidate 8400
 
 

Quote   Quote: Originally Posted by jimbo45 View Post
Hi there
can you check that because I think that the Router will block those sites from being accessed by computers INSIDE your network.


I want to block those IP addresses from acessing my site from OUTSIDE the router (I.E from the "Public Internet")

My router can block sites / IP addresses but only it seems to prevent computers on the network from acessing those sites.

I tested with a 2nd (DIFFERENT) network -- I blocked the IP address via the router -- that worked as I couldn't access the home page on the server on the 2nd network but it didn't stop the computer from the 2nd network from accessing the home page of the IIS server on the computer of the FIRST network -- i.e I couldn't block an INWARD request from the "general Internet".

Cheers
jimbo
Jim
You absolutely correct. I understood what you wanted but when I went to look it didnt specify in my router. Your router is nat right? so is your chinese net touching the router but not the pc's inside? On a commercial router (I dont have one home either) it shouldn't pass a request/packet from an outside site without having a request from a browser ( or other app) inside.

Just rying to get my head around how you could do this

Ken
My System SpecsSystem Spec
01 Aug 2009   #7
Frostbite

 

How you go about securing the website depends how how accessible you want it to be. Is it just for 1 or 2 people from set networks or a group of people on different networks or the whole internet. If it's just from certain people you could allow just there IP's through the router. If it starts getting more complicated then the rules on the homer router may not be enough and you would have to look at a software firewall on the PC.
My System SpecsSystem Spec
Reply

 How do I block sites from accessing IIS webserver




Thread Tools




Similar help and support threads
Thread Forum
How do i block other user account from accessing my folders or files
I am new to this forum. So kindly inform me if there is any format in asking queries. It would be helpful in my future queries. I have an Administrator account. Now i want to create another user account so that others can use my laptop through that account. I want to restrict those users in...
System Security
How do i block a specific program from accessing the internet?
Hi everyone i'm having problems with this now i have Eset smart security witch manages the firewall but of course i'm not sure if it's because of Eset but when i went to the advanced settings i only got these options. There is no "rules" tab i don't know was this because of some updates or my...
Network & Sharing
Allows LAN Games only in LAN and block from accessing internet
Hi everyone. We began the internet service in our computer shop, but I want to know how does LAN games allows only in LAN and blocks from accessing internet. Games such as Warcraft III, Counter Strike, GTA IV and others have LAN and internet support, and we want to keep them on LAN so that clients...
Network & Sharing
How can i block certain user accounts from accessing certain partition
Hi i have patition (c) and partition (D) and partition (j) I need help blocking a standard user from accessing partition (D) and partion (j). windows 7 Home premium 64 bit Thnks for any help in advanced
General Discussion
Can I block sites between certain times?
Hello I have just got a new laptop with Windows 7 and IE8 to write up my thesis. Trouble is, I know I am easily distracted by certain websites and I want to remove the temptation to visit them while I should be working. I can't completely disable the internet since I need to be able to search...
Browsers & Mail


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 08:44.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App