Responsive Ad Area

Share This Post

test

How to get IIS requestfiltering to perform exact match on denyStrings

So I have this configuration block, and I’m particularly looking to block URLs.

<security>
  <requestFiltering allowDoubleEscaping="true">
            <filteringRules>
                <filteringRule name="testrule" scanUrl="false" scanQueryString="false">
                    <scanHeaders>
                        <clear />
                        <add requestHeader="User-agent" />
                    </scanHeaders>
                    <denyStrings>
                        <clear />
                        <!-- MY QUESTION IS ABOUT THIS BLOCK -->
                    </denyStrings>
                    <appliesTo>
                        <clear />
                    </appliesTo>
                </filteringRule>
            </filteringRules>
        </requestFiltering>
</security>

When I add this line to <denyStrings> section where I escape the . character:

<add string="yacy.net" />

User-Agent: yacy.net still works.

With this line:

<add string="yacy.net" />

User-Agent: yacy.net is blocked, but so are yacy.net1 and 2yacy.net1.

My question: How can I block exact match strings only? Instead of partial matches, like it is doing now. I can’t find anything on this in the Microsoft docs and apparently I’m not the only one.

Related to this: When looking at blocking through a .htaccess file I normally have to escape spaces, . and underscores, but apparently escaping is not needed under IIS?


How to get IIS requestfiltering to perform exact match on denyStrings
How to get IIS requestfiltering to perform exact match on denyStrings
test
{$excerpt:n}

Share This Post

Leave a Reply

Your email address will not be Publishedd. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Skip to toolbar