How to block a public IP on windows Firewall

We have apache running on Windows server 2008. We got a public IP hitting us incessantly. How do we block it on the Windows Firewall. I can't put a .htaccess directive as this is a production box.
I have edited the Windows advanced security firewall and edited the Inbound rules to block the IP address but I can still see it hitting our site.
LVL 11
legolasthehansyAsked:
Who is Participating?
 
legolasthehansyConnect With a Mentor Author Commented:
DUH! The public profile wasn't turned on for Windows Firewall.
@pgm554 - I know. We are looking to move to EC2 which gives us more options to customize than the one we are in.

Thank you experts!
0
 
albeloCommented:
1. Log into your server.

2. Click on start > administrative tools > windows firewall with advanced security.

3. On the left side of the firewall window click on the inbound rules option.

4. On the right side of the screen click on New Rule.

5. Click on the custom radio button and then click next.

6. Make sure the All programs radio is selected then click next.

7. On the protocol and ports options leave everything at its defaults and click next.

8. On the scope screen you will see two boxes the top one is for local IP addresses and the bottom is for remote IP addresses. In this scenario we are trying to block an outside (remote) IP from accessing anything on the server so we will need to add the IP address to this section only as it will not be a local IP address.

9. Click on the radio that says "these IP addresses " in the remote section as shown below:

10. Click on the Add button.

11. In the next window we will be adding a single IP address to the rule, you can also add an entire range at this point if you wish.

12. Click ok, click next.

13. Make sure you select the Block the connection radio on the next screen and then click next.

14. Leave all of the options on the next screen checked this will be sure to block the IP no matter the connection they are trying to use. Click next.

15. Name the rule on the next screen something you can remember in case you wish to remove or edit it in the future. Click finish and thats it.
0
 
legolasthehansyAuthor Commented:
That's what I did. Here is a screenshot of the rule applied. On Netstat, I can still see the IP bombarding us.
black-list.png
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
pgm554Commented:
Wouldn't that be better off done through your router?
0
 
legolasthehansyAuthor Commented:
The server is on the cloud and the technicians have told us once the IP is blocked we won't be able to revoke which is a requirement the customer has put. I was looking at Windows Firewall for a solution.
0
 
albeloCommented:
It will still hit the server, and but it should block it from hitting Apache.
0
 
pgm554Commented:
You wouldn't be able to revoke it?

I'd get another cloud provider as this one sounds flaky.

They work for you,not the other way around.
0
 
legolasthehansyAuthor Commented:
Being a Linux admin this was too hard for me. :-)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.