locked
Max Time Period Length RRS feed

  • Question

  • User-1789653708 posted

    Q - what is the max length of the time for the time period ??  in the Dynamic IP Restrictions --> Deny Criteria  --> Deny IP addresses based on the number of requests over a period of time.  The IIS 7.5 module asks for time in milliseconds. (The examples show seconds but the module seems to be working in milliseconds). I am interesting in time periods of hours or longer. Maybe even days. So I am interested in what the Max time period is right now.

     Q - While this might work fine for a DoS attack, I am would also like to use this to restrict unwanted visitors that seem to be coming from an attack of thousands of IP addresses but at a slow rate of 1 to 4 per hour. It is a slow motion attack. They are coming in and creating invalid clicks on things like ads. I have a medium use web site that gets maybe 5,000 to 20,000 unique visitors a day. However, the attack is creating hundreds of thousands of visits in a slow but steady stream from thousands of IP locations. Thus, I am using this to deny requests if they are requesting above a certain threshold per 24 hour or longer period. Actually I would like two periods. One to determine the threshold to deny (Qty of requests in ten hours say) and the other for the length of time to deny (deny for 24 hours or even deny up to a week).

    Q - Can I set up more than one IP Restriction on the server ? An an example, can I set up one set of criteria for my entrance page. And another set of criteria for a folder?  It does not appear so but I thought I would ask.

     

     I have the IIS Dynamic IP Restrictions Release Candidate installed and it seems to be working fine. I have IP range blocks in my web.config file and they seem to work fine. The list is quite large as in the thousands. I am running this on a Windows 2008 Server with IIS 7.5 on the Amazon AWS Cloud service.  I mention this because I am running this on the Cloud and I am trying to do all this from the Windows Server 2008 and IIS 7.5.

     

    Thanks for in advance for the replies....

    Monday, June 18, 2012 11:38 PM

Answers

  • User-176674611 posted

    Sorry for the late reply.

    Q - what is the max length of the time for the time period ??  in the Dynamic IP Restrictions --> Deny Criteria  --> Deny IP addresses based on the number of requests over a period of time.  The IIS 7.5 module asks for time in milliseconds. (The examples show seconds but the module seems to be working in milliseconds). I am interesting in time periods of hours or longer. Maybe even days. So I am interested in what the Max time period is right now.

    Actually, the max length is defined in the schema file named dipr_schema.xml which located at "%windir%\System32\inetsrv\config\schema". The valid value is from 1 to 4294967295(max value of uint)

     Q - While this might work fine for a DoS attack, I am would also like to use this to restrict unwanted visitors that seem to be coming from an attack of thousands of IP addresses but at a slow rate of 1 to 4 per hour. It is a slow motion attack. They are coming in and creating invalid clicks on things like ads. I have a medium use web site that gets maybe 5,000 to 20,000 unique visitors a day. However, the attack is creating hundreds of thousands of visits in a slow but steady stream from thousands of IP locations. Thus, I am using this to deny requests if they are requesting above a certain threshold per 24 hour or longer period. Actually I would like two periods. One to determine the threshold to deny (Qty of requests in ten hours say) and the other for the length of time to deny (deny for 24 hours or even deny up to a week).

    As far as I know, currently this is not implemented in dynamic restriction module. You may need to write your custom code to implement this.

    Q - Can I set up more than one IP Restriction on the server ? An an example, can I set up one set of criteria for my entrance page. And another set of criteria for a folder?  It does not appear so but I thought I would ask.
     

    Dynamic IP restriction module can be only set at server or site level. So you can not use a specific set of criteria for a specific folder or page.

    Hope this helps, thanks.

    • Marked as answer by Anonymous Tuesday, September 28, 2021 12:00 AM
    Monday, June 25, 2012 10:39 PM

All replies

  • User-176674611 posted

    Sorry for the late reply.

    Q - what is the max length of the time for the time period ??  in the Dynamic IP Restrictions --> Deny Criteria  --> Deny IP addresses based on the number of requests over a period of time.  The IIS 7.5 module asks for time in milliseconds. (The examples show seconds but the module seems to be working in milliseconds). I am interesting in time periods of hours or longer. Maybe even days. So I am interested in what the Max time period is right now.

    Actually, the max length is defined in the schema file named dipr_schema.xml which located at "%windir%\System32\inetsrv\config\schema". The valid value is from 1 to 4294967295(max value of uint)

     Q - While this might work fine for a DoS attack, I am would also like to use this to restrict unwanted visitors that seem to be coming from an attack of thousands of IP addresses but at a slow rate of 1 to 4 per hour. It is a slow motion attack. They are coming in and creating invalid clicks on things like ads. I have a medium use web site that gets maybe 5,000 to 20,000 unique visitors a day. However, the attack is creating hundreds of thousands of visits in a slow but steady stream from thousands of IP locations. Thus, I am using this to deny requests if they are requesting above a certain threshold per 24 hour or longer period. Actually I would like two periods. One to determine the threshold to deny (Qty of requests in ten hours say) and the other for the length of time to deny (deny for 24 hours or even deny up to a week).

    As far as I know, currently this is not implemented in dynamic restriction module. You may need to write your custom code to implement this.

    Q - Can I set up more than one IP Restriction on the server ? An an example, can I set up one set of criteria for my entrance page. And another set of criteria for a folder?  It does not appear so but I thought I would ask.
     

    Dynamic IP restriction module can be only set at server or site level. So you can not use a specific set of criteria for a specific folder or page.

    Hope this helps, thanks.

    • Marked as answer by Anonymous Tuesday, September 28, 2021 12:00 AM
    Monday, June 25, 2012 10:39 PM
  • User-1789653708 posted

     Thanks. Great. It helps a lot.

    Monday, June 25, 2012 11:12 PM