Solved

How to stop brute force attacks on our TFS 2010 going through our reverse proxy?

Posted on 2011-03-06
1
724 Views
Last Modified: 2013-11-25
I have setup TFS 2010 to connect to the internet via our reverse proxy.  Now I would like to stop brute force attacks to ban ip addresses that keep trying to 'guess' passwords.  Is this an IIS change or a reverse proxy change?  If it is a IIS change what do I need to do to stop people from guess TFS passwords?
0
Comment
Question by:IandINSW
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 23

Accepted Solution

by:
Mohamed Osama earned 250 total points
ID: 35081187
- USE complex passwords whenever possible.
- Always Use HTTPS for Published TFS implementations
-Block the offensive IPs using IIS

http://www.winserverhelp.com/2010/07/creating-ip-address-restrictions-in-iis/
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When working in a large software development team, whether you have many developers working on the same projects, or your project is linked to other projects; it is very important that developers regularly perform "get latest" to ensure that the cha…
Article by: gr8gonzo
Git can be a complicated version control system for beginners, but it definitely is one of the best ones out there. Since this article assumes that you're starting at square one, it will skip over things that Git -can- do and will focus on the typic…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question