question

SachinNavod-7340 avatar image
0 Votes"
SachinNavod-7340 asked SamWu-MSFT answered

What are the best Deny Criteria values for Dynamic IP Restrictions IIS and How can i notify DDOS Attacks.

I need to know the best Deny Criteria values for Dynamic IP Restrictions on IIS to protect from DDOS.
and if I was not going to block those IPs,
I need a way to get notifications number of concurrent requests coming and number of requests coming over a period of time.
(can i get those details by analyzing IIS logs? if it is possible how can I do it? )

I highly appreciate your comments.
thank you!

windows-server-iis
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

SamWu-MSFT avatar image
0 Votes"
SamWu-MSFT answered

@SachinNavod-7340

I need to know the best Deny Criteria values for Dynamic IP Restrictions on IIS to protect from DDOS.

I don't think that there is a the best Deny Criteria values for Dynamic IP Restrictions on IIS, It depends on RPS, requests execution time etc. by default, the default settings provided by IIS seem reasonable, and here an experimental approach to find sensible settings you can use as a reference: https://stackoverflow.com/a/21434893/13336642.

I need a way to get notifications number of concurrent requests coming and number of requests coming over a period of time.

You can run the IIS logs through Log Parser to get the total number of requests and how long each took.


If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.