I would like to have a secure server, so why not block all unknown file extensions? I can easily achieve that by setting allowUnlisted to false in applicationHost.config file on <system.webServer\requestFiltering\fileExtensions> tag.
But why I cannot access my site via http://(server_name)/! Why the rule starts to block default document?
The single DOT can save you again. Simply create a new rule under <fileExtensions> tag like this,
<add fileExtension="." allowed="true" />
And you are done.