Security guidelines to detect and prevent DOS attacks targeting IIS/Azure Web Role (PAAS)

In a previous blog, we explained how to Install IIS Dynamic IP Restrictions in an Azure Web Role. In the present article, we’ll provide guidelines to collect data and analyze it to be able to detect potential DOS/DDOS attacks. We’ll also provide tips to protect against those attacks. While the article focuses on web applications…


Encrypting connectionStrings in Web.Config using the NetFrameworkConfigurationKey in an IIS Web Farm scenario

One of the most recommended measures during a web application security audit is to encrypt the connectionStrings section of a Web.Config file. While this operation is quite easy in a single IIS server environment, it can be really difficult in a Web Farm environment with data replication between all servers. If you encrypt this…


Encrypting the connectionStrings in a Web.Config using the NetFrameworkConfigurationKey key in an IIS Web Farm scenario

One of the most recommended measures during security audits of web applications is encrypting the connectionStrings section in the Web.Config file. While this operation is relatively simple in an environment with a single IIS server, it can get complicated when it comes to a Web Farm with data replication between different servers. If you…


WebRole entry point and config file…

When you write a web role requiring application-specific configuration (like assembly binding), you may have a hard time trying to figure out which app configuration file should be used and how to get it deployed and used in your role. This issue has been hit by many developers and raised in many blogs &…


Easily detect and block malicious HTTP requests targeting IIS/ASP.NET using “BLACKIPS”

In a previous blog, I detailed how to Install IIS Dynamic IP Restrictions in an Azure Web Role to block DOS attacks targeting a web role in Azure. In many situations, an attacker may combine DOS with other attacks, such as script injection attacks that test and target an application’s vulnerabilities by sending malicious…


Installing IIS Dynamic IP Restrictions in an Azure Web Role (PAAS)

A Denial-Of-Service (DOS) attack can target any application/tenant, whether it is hosted in Windows Azure or by an ISP. If you are using Azure Web Sites or IIS in a VM (IAAS), a simple way to mitigate such an attack is to enable Dynamic IP Restrictions as described in many blog articles: Configuring…


How to analyse IIS logs using LogParser / LogParser Studio

In a previous blog article I detailed how to analyse IIS Logs using Excel. However, when you have very large logs or want to automate this operation, Excel is not the best tool. This is where LogParser 2.2 takes over. It allows you to parse any kind of logs (IIS, HTTPErr, Event…