Problem solve Get help with specific problems with your technologies, process and projects.

Locking out an IP-Address after X login attempts

Is there anyway to lock an IP-address when the SSL login has been wrongly entered a specific number of times?

No, there's no way built into IIS. There are a couple of alternatives that may meet your needs though.

The simplest is to have Web users authenticate to NT4 or Windows 2000 user accounts and enable password lockouts. After x number of unsuccessful authentication attempts, the password will be locked out. However, this solution doesn't block a user's IP address so it doesn't completely meet your needs.

It's also possible to create an ISAPI filter that intercepts incoming HTTP requests and counts the number of times requests from a given IP address include authentication information. If a specific address is attempting a brute-force attack, this ISAPI filter could manipulate the IIS metabase and institute Source-IP Filtering for that address. This meets your needs but you'll have to do some coding.

Dig Deeper on Windows client management

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.