File Name Extensions for Filtering Rules
Setup
The default installation of IIS 7 and later includes the Request Filtering role service or feature. If the Request Filtering role service or feature is uninstalled, you can reinstall it using the following steps.
WINDOWS SERVER 2012 OR WINDOWS SERVER 2012 R2
- On the taskbar, click Server Manager.
- In Server Manager, click the Manage menu, and then click Add Roles and Features.
- In the Add Roles and Features wizard, click Next. Select the installation type and click Next. Select the destination server and click Next.
- On the Server Roles page, expand Web Server (IIS), expand Web Server, expand Security, and then select Request Filtering. Click Next.
. - On the Select features page, click Next.
- On the Confirm installation selections page, click Install.
- On the Results page, click Close.
WINDOWS 8 OR WINDOWS 8.1
- On the Start screen, move the pointer all the way to the lower left corner, right-click the Start button, and then clickControl Panel.
- In Control Panel, click Programs and Features, and then click Turn Windows features on or off.
- Expand Internet Information Services, expand World Wide Web Services, expand Security, and then select Request Filtering.
- Click OK.
- Click Close.
WINDOWS SERVER 2008 OR WINDOWS SERVER 2008 R2
- On the taskbar, click Start, point to Administrative Tools, and then click Server Manager.
- In the Server Manager hierarchy pane, expand Roles, and then click Web Server (IIS).
- In the Web Server (IIS) pane, scroll to the Role Services section, and then click Add Role Services.
- On the Select Role Services page of the Add Role Services Wizard, select Request Filtering, and then click Next.
- On the Confirm Installation Selections page, click Install.
- On the Results page, click Close.
WINDOWS VISTA OR WINDOWS 7
- On the taskbar, click Start, and then click Control Panel.
- In Control Panel, click Programs and Features, and then click Turn Windows Features on or off.
- Expand Internet Information Services, then World Wide Web Services, and then Security.
- Select Request Filtering, and then click OK.
How To
HOW TO ADD A REQUEST FILTERING RULE
- Open Internet Information Services (IIS) Manager:
- If you are using Windows Server 2012 or Windows Server 2012 R2:
- On the taskbar, click Server Manager, click Tools, and then click Internet Information Services (IIS) Manager.
- If you are using Windows 8 or Windows 8.1:
- Hold down the Windows key, press the letter X, and then click Control Panel.
- Click Administrative Tools, and then double-click Internet Information Services (IIS) Manager.
- If you are using Windows Server 2008 or Windows Server 2008 R2:
- On the taskbar, click Start, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
- If you are using Windows Vista or Windows 7:
- On the taskbar, click Start, and then click Control Panel.
- Double-click Administrative Tools, and then double-click Internet Information Services (IIS) Manager.
- If you are using Windows Server 2012 or Windows Server 2012 R2:
- In the Connections pane, go to the site, application, or directory for which you want to configure request filtering.
- In the Home pane, double-click Request Filtering.
- In the Request Filtering pane, click the Rules tab.
- In the Actions pane, click Add Filtering Rule.
- Enter the following information for the filtering rule in the Add Filtering Rule dialog:
- Enter a friendly name for the filtering rule in the Name field.
- Select Scan url if you want the filtering rule to scan the URL stub for the request.
- Select Scan query string if you want the filtering rule to scan the query string for the request.
- Enter any HTTP headers to scan in the Scan Headers collection.
- Enter the file name extensions to use with the filtering rule in the Applies To collection.
- Enter the collection of strings to deny for the filtering rule in the Deny Strings collection.
- Click OK to close the Add Filtering Rule dialog.
Configuration
The
<appliesTo>
element of the <filteringRule>
element is configured at the site, application, or directory level.ATTRIBUTES
None.
Comments
Post a Comment