ASPNetFAQ.com: What is ASP.NET?

Technology posts on ASP.NET, IIS, Windows (+ a little Linux), Cloud Servers, Hosting, and more!
  • Blog Home
Search the site...

URL Scan or Request Filtering in IIS7

Tweet
Share
0 Shares

URL Scan has been a useful tool since Windows Server 2003, and continues to be used on many web server deployments. Did you know though that IIS7 includes a feature named Request Filtering that handles the same functionality as URL Scan but also gives a tighter level of control over the settings and where they are applied?

Filtering requests on IIS7 for security

Request Filtering is a great resource to protect your site from SQL Injections and other attacks. One, of several, great reasons to consider using it is that it can be configured from the GUI (accessed through the icon shown above) *OR* from within your web.config file. Managing this from the GUI makes the web.config changes for you, so it winds up being the same thing, but it makes it a little easier to deal with. Then once the settings and rules are in your web.config file, they are nice and portable – just deploy them along with your site to assure that the server settings are in proper place to filter out the types of “bad” requests and possible attack footprints that you want to lock down.

It doesn’t get much easier than that – and you don’t have to remember to make the settings if you move the site, or add more server nodes, or … whatever!

There are plenty of great resources online so I won’t rehash what’s already been communicated quite well, but I’ll provide some links for your reference below.

http://www.iis.net/ConfigReference/system.webServer/security/requestFiltering#005

http://learn.iis.net/page.aspx/143/use-request-filtering/

http://learn.iis.net/page.aspx/504/using-enhanced-request-filtering-features-in-iis/

Happy hosting!

More from my site

  • IIS7 Application Pool Idle Time-out SettingsIIS7 Application Pool Idle Time-out Settings
  • Cloud Server FlexibilityCloud Server Flexibility
  • Stopping All Sites on a Windows Server Without Stopping IISStopping All Sites on a Windows Server Without Stopping IIS
  • Convert a Folder to an Application on a Remote IIS HostConvert a Folder to an Application on a Remote IIS Host
  • Basic IIS Performance StatisticsBasic IIS Performance Statistics
Tweet
Share
0 Shares
Hosting, IIS

Comments are closed.

Proverbs 19:20

"Get all the advice and instruction you can, so you will be wise the rest of your life."

A Note On WordPress Hosting

Our main focus is of course .NET, but with a mix of Linux, virtualization, and other technologies. But if you're really looking for the best WordPress hosting specifically, read my WordPress host review to save yourself hassle AND money!




Recent Posts

  • What makes good web hosting?
  • jQuery Mobile C# ASP.NET and N5 Networks Software Repository
  • Open Source Bug Tracking Software and the Orchard Project
  • ASP.NET Development with Dreamweaver MX: Visual QuickPro Guide
  • Kendo UI Sample, ASP.NET Ajax Tutorial & More

Tags

ASP.NET Automation centos CMS css cytanium Development/Coding Email gmail Hosting htaccess http https IIS javascript Learning Linux logparser MySQL nginx openssl OrcsWeb performance PowerShell redirect RHEL security server SherWeb smtp SQL/Databases ssl System Administration telnet terminal tip Troubleshooting Ubuntu virtualization Visual Studio web farm web hosting Windows windows server Wordpress

Categories

  • ASP.net development
  • Development/Coding
  • Hosting
  • IIS (Internet Information Services)
  • SQL/Databases
  • System Administration
  • Virtualization
(c) ASPNETFAQ.com