Multiple HTTP requests from different IPs - IIS - Microsoft IIS Web Server and ASP.NET forum at WebmasterWorld

Forum Moderators: open

Message Too Old, No Replies

Multiple HTTP requests from different IPs - IIS

blocking HTTP requests from different IPs IIS ASP flood control mitigation

KHWeb

10:46 am on Oct 15, 2008 (gmt 0)

Hello,

I have multiple HTTP requests (20 to 50 within 1 sec) from a bot flooding an IIS server, running ASP websites. This flood of HTTP requests is crashing the IIS Application Pool, so legit users get 500 errors and broken pages and it is costing us greatly.

The attacker(s) change IP addresses after a couple of requests, so just blocking the IP has not been effective. From the log files I can see a lot of 400 responses because they are requesting pages that do not exist.

How can I block this flood of HTTP requests coming from multiple IPs?

Does anybody have a script (in ASP would be great!) that can block multiple requests when they are done within a short period of time?

Thanks,

Lightguy1

7:01 pm on Oct 17, 2008 (gmt 0)

I had a similar problem. It was when a user comes to my site (and has AVG toolbar installed) it gets stuck in a loop and continues to try to request files.

Are the requests always for the same file?

I ended up returning a 404 for the requests and that solved my problem