IIS7.5 UrlScan3.1 apply the firewall installation configuration method

  • 2020-05-10 23:11:06
  • OfStack

URLScan is an ISAPI filter with 1 IIS that can limit the type of HTTP requests that the server will process. By blocking specific HTTP requests, the URLScan filter can prevent potentially harmful requests from reaching the server and causing harm. URLScan can be used for IIS7.5, IIS7, IIS6.
IIS7. Under 5 need to install IIS6 metadata compatibility, download website: http: / / www iis. net/download/urlscan

URLScan configuration file: C:\Windows\System32\inetsrv\urlscan\ UrlScan.ini

Details of configuration files:

UseAllowVerbs=1
; HTTP type of request allowed;
; If set to 1, [AllowVerbs] takes effect;
; If set to 0, [AllowVerbs] takes effect.
UseAllowExtensions=0
; The type of suffix that allows the request;
; If set to 0, [DenyExtensions] takes effect;
; If set to 1, [AllowExtensions] takes effect.
NormalizeUrlBeforeScan=1
; Standardize URL before implementation.
VerifyNormalization=1
; Dual standardization URL.
AllowHighBitCharacters=1
; If set to 1, all bytes are allowed in URL.
; If set to 0, URL with non-ASCII characters will be rejected (e.g. UTF8 or MBCS).
AllowDotInPath=0
; If set to 0, URLScan rejects all requests that contain multiple periods (.).
RemoveServerHeader=0
; Set to 1 to hide server information.
AlternateServerName=
; If RemoveServerHeader is set to 0, this customizes the server close information.
; If RemoveServerHeader is set to 1, this option is ignored.
EnableLogging=1
; Log on
PerProcessLogging=0
; If set to 0, create log files for each process.
PerDayLogging=1
; If set to 1, URLScan creates a new log file every day.
AllowLateScanning=0
; If set to 0, URLScan runs as a high-priority filter.
UseFastPathReject=0
; If set to 1, URLScan ignores the RejectResponseUrl setting and immediately returns a 404 error message to the browser.
; If set to 0, URLScan USES the RejectResponseUrl setting to return the request.
RejectResponseUrl=
; Set the Url path to return

Related articles: