Solved

How to stop brute force attacks on our TFS 2010 going through our reverse proxy?

Posted on 2011-03-06
1
722 Views
Last Modified: 2013-11-25
I have setup TFS 2010 to connect to the internet via our reverse proxy.  Now I would like to stop brute force attacks to ban ip addresses that keep trying to 'guess' passwords.  Is this an IIS change or a reverse proxy change?  If it is a IIS change what do I need to do to stop people from guess TFS passwords?
0
Comment
Question by:IandINSW
1 Comment
 
LVL 23

Accepted Solution

by:
Admin3k earned 250 total points
ID: 35081187
- USE complex passwords whenever possible.
- Always Use HTTPS for Published TFS implementations
-Block the offensive IPs using IIS

http://www.winserverhelp.com/2010/07/creating-ip-address-restrictions-in-iis/
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Problem with Gitlab 5 1,467
Deploying test website using Git subtree 3 152
team foundation server 3 76
Automate Upload with Git using Bit Bucket / Source Tree 4 77
INTRODUCTION Subversion is a fantastic version management and software configuration management tool for teams and individuals to manage software applications. It offers many advantages over it's CVS ancestor such as it's built-in compatibility w…
Article by: gr8gonzo
Git can be a complicated version control system for beginners, but it definitely is one of the best ones out there. Since this article assumes that you're starting at square one, it will skip over things that Git -can- do and will focus on the typic…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question