Inquiry on IIS Dynamic IP Restriction Mechanism

Question

Environment: Windows Server 2022 Standard / IIS 10

I have configured the Dynamic IP restriction with the following settings:

1. Deny IP addresses based on the number of simultaneous requests.
   • Maximum number of simultaneous requests allowed: 100
2. Deny IP addresses based on the number of requests within a specified time frame.
   • Maximum number of requests allowed within the specified time interval: 10
     • Time interval for counting requests (in milliseconds): 5000
     

Issue Description:

Upon user interaction, it was observed that several static files could not be opened. While the website remained accessible, the overall template layout was distorted. Upon investigation, it was identified as triggering the blocking restriction.

Steps Taken:

The [Deny IP addresses based on the number of requests within a specified time frame] was temporarily disabled, and the website returned to normal.

Questions:

1. Typically, if a user triggers the Dynamic IP restriction, the entire page should be inaccessible rather than specific paths.

Does IIS10 Dynamic IP restriction block access to the entire server or only specific paths when triggered?

1. Is it possible for Dynamic IP restriction to limit local IP connections?

There are parts of the code within the program that initiate connections to the same host.

Could there be a scenario where local IP triggering leads to Dynamic IP restriction blocking the local IP?

Your insights and guidance on these matters would be highly appreciated.