I'm looking for a way to detect and mitigate brute-force attacks coming against web pages that are hosted on IIS servers.
What are the free and paid options I can go with?
There are two types of brute force. One is against the server, to find the password for the Windows Server, and you might protect against it using Group Policy, like the Account Lockout policy. Take a look at:
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/account-lockout-policy
In case you are referring to the password for your web application, then you have written code to protect it against the brute-force attack.
You may consider Microsoft ATP too, have a look at:
https://www.microsoft.com/en-ph/dpa-trustcenter/privacy/advancedthreatprotection
https://www.microsoft.com/security/blog/2018/05/08/securing-the-modern-workplace-with-microsoft-365-threat-protection-part-3/
Hi @SachinNavod-7340 ,
I think the most radical solution is to directly restrict the IP address from which the attack is issued. Because as long as the IP is not restricted, the attacker can send a request to the server and obtain the application's password or administrator password through brute force. IP restrictions in IIS can directly deny all requests from a certain IP, preventing it from having the opportunity to brute force.
Using Dynamic IP Restrictions.
Another suggestion is using a proxy server in front of the application server. Let the proxy server filter the requests and intercept the attack requests. This gives the application server more performance to handle real requests.
Best regards,
Bruce Zhang