Blocking Unwanted IP From Your Site

IIS URL Rewrite Rules
  This article applies only to Windows 2008-2012 servers with IIS7/IIS8 (sites hosted on our raptor13 or newer). It explains how to use the IIS Rewrite Module to block incoming traffic based on IP, for example if you don't want certain countries to access your site or to block a form spammer.

Step 1: Download the web.config file from your site root folder.

Step 2: Open this file in your favorite text editor and insert the following redirection code inside the <configuration> tags.

<system.webServer>
    <rewrite>
       <rules>
        <rule name="Blocked IPs" stopProcessing="true">
            <match url=".*" />
            <conditions>
                <add input="{Bad Ips:{REMOTE_ADDR}}" pattern="1" />
            </conditions>
            <!-- Actions can be Custom Rewrite, Redirect, or Just Abort Request, uncomment examples as needed (only one action is allowed) -->
            <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
            <!-- This one will rewrite url to specified file -->
            <!-- <action type="Rewrite" url="error.html" appendQueryString="false" /> -->
            <!-- This on will redirect to another site -->
            <!-- <action type="Redirect" url="http://www.google.com" appendQueryString="false" /> -->
            <!-- This one will just Abort -->
            <!-- <action type="AbortRequest" /> -->
        </rule>
    </rules>
    <rewriteMaps>
        <rewriteMap name="Bad Ips">
            <!-- This one will use wildcards -->
            <add key="108.166.*.*" value="1" />
            <!-- This one wil use static IP -->
            <add key="12.13.15.16" value="1" />
        </rewriteMap>
    </rewriteMaps>
    </rewrite>
<system.webServer>

Step 3: Save the file and upload it back to your FTP

If if the <system.webServer> already exists in your web.config place the code minus the <system.webServer> tags inside the existing tag structure.


Add Feedback