[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

How to block a public IP on windows Firewall

Posted on 2012-09-13
8
Medium Priority
?
690 Views
Last Modified: 2012-09-18
We have apache running on Windows server 2008. We got a public IP hitting us incessantly. How do we block it on the Windows Firewall. I can't put a .htaccess directive as this is a production box.
I have edited the Windows advanced security firewall and edited the Inbound rules to block the IP address but I can still see it hitting our site.
0
Comment
Question by:legolasthehansy
  • 4
  • 2
  • 2
8 Comments
 
LVL 5

Expert Comment

by:albelo
ID: 38395412
1. Log into your server.

2. Click on start > administrative tools > windows firewall with advanced security.

3. On the left side of the firewall window click on the inbound rules option.

4. On the right side of the screen click on New Rule.

5. Click on the custom radio button and then click next.

6. Make sure the All programs radio is selected then click next.

7. On the protocol and ports options leave everything at its defaults and click next.

8. On the scope screen you will see two boxes the top one is for local IP addresses and the bottom is for remote IP addresses. In this scenario we are trying to block an outside (remote) IP from accessing anything on the server so we will need to add the IP address to this section only as it will not be a local IP address.

9. Click on the radio that says "these IP addresses " in the remote section as shown below:

10. Click on the Add button.

11. In the next window we will be adding a single IP address to the rule, you can also add an entire range at this point if you wish.

12. Click ok, click next.

13. Make sure you select the Block the connection radio on the next screen and then click next.

14. Leave all of the options on the next screen checked this will be sure to block the IP no matter the connection they are trying to use. Click next.

15. Name the rule on the next screen something you can remember in case you wish to remove or edit it in the future. Click finish and thats it.
0
 
LVL 11

Author Comment

by:legolasthehansy
ID: 38395455
That's what I did. Here is a screenshot of the rule applied. On Netstat, I can still see the IP bombarding us.
black-list.png
0
 
LVL 30

Expert Comment

by:pgm554
ID: 38395490
Wouldn't that be better off done through your router?
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 11

Author Comment

by:legolasthehansy
ID: 38395500
The server is on the cloud and the technicians have told us once the IP is blocked we won't be able to revoke which is a requirement the customer has put. I was looking at Windows Firewall for a solution.
0
 
LVL 5

Expert Comment

by:albelo
ID: 38395527
It will still hit the server, and but it should block it from hitting Apache.
0
 
LVL 30

Expert Comment

by:pgm554
ID: 38395541
You wouldn't be able to revoke it?

I'd get another cloud provider as this one sounds flaky.

They work for you,not the other way around.
0
 
LVL 11

Accepted Solution

by:
legolasthehansy earned 0 total points
ID: 38395566
DUH! The public profile wasn't turned on for Windows Firewall.
@pgm554 - I know. We are looking to move to EC2 which gives us more options to customize than the one we are in.

Thank you experts!
0
 
LVL 11

Author Closing Comment

by:legolasthehansy
ID: 38408714
Being a Linux admin this was too hard for me. :-)
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question