asp.net hosting
 
 Login [Lost Password] 
Email:
Password:
Remember Me:
 
 Search

Support Center » Knowledgebase » Shared Hosting » Request Filtering

 Request Filtering
Solution

IIS 7.0 incorporates all the core features of URLScan into a module called Request Filtering and added a feature called Hidden Segments. This list of IIS.net links recaps each of the features Request Filtering provides and gives a real world example of how to apply it to your environment.

Request Filtering may be managed via the IIS Manager if IIS Delegation has been enabled.

˘ Filter Double-encoded Requests - This feature prevents attacks that rely on double-encoded requests.
˘ Filter High Bit Characters -  This feature defines a set of allowed file extensions that IIS 7.0 will serve.
˘ Filter Based on File Extensions - This feature defines a set of allowed file extensions that IIS 7.0 will serve.
˘ Filter Based on Request Limits - This filter combines three features:

1. maxAllowedContentLength this is the upper limit on the content size.
2. maxUrl this is the upper bound on a URL length.
3. maxQueryString this is the upper bound on the length of a query string.

˘ Filter by Verbs - This feature defines a list of VERBS that IIS 7.0 accepts as part of a request.
˘ Filter Based on URL Sequences - This feature defines a list of sequences that IIS 7.0 rejects when it is part of a request.



Article Details
Article ID: 866
Created On: Mar 16 2009 08:01 PM

 This answer was helpful  This answer was not helpful

 User Comments Add a Comment
 Back
 
 Article Options
 Add Comment
 Print Article
 PDF Version
 Email Article
 Add to Favorites
 
Home | Register | Submit a Ticket | Knowledgebase | News | Downloads