Home
Topics
Topics Archive
WinIT Resources
Locking IP address when SSL login is entered incorrectly

Ask the Expert

Locking IP address when SSL login is entered incorrectly

Is there anyway to lock an IP address when Secure Sockets Layer (SSL)login has been wrongly entered for a certain times?

No. There's no way built into IIS. There are a couple of alternatives that may meet your needs.

The simplest is to have Web users authenticate to NT4 or Windows 2000 user accounts, and enable password lockouts. After x number of unsuccessful authentication attempts, the password will be locked out. This solution doesn't block a user's IP address, however, so it doesn't completely meet your needs.

It's also possible to create an ISAPI filter that intercepts incoming HTTP requests and counts the number of times requests from a given IP address include authentication information. If a specific address is attempting a brute-force attack, this ISAPI filter could manipulate the IIS metabase and institute Source-IP Filtering for that address. This meets your needs, but you'll have to do some coding.

More News and Tutorials

Articles

Related glossary terms

Terms for Whatis.com - the technology online dictionary

This was first published in February 2001

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Back to top

More from Related TechTarget Sites

Windows Server
Exchange
Enterprise Desktop
Cloud computing
SQL Server
IT Channel

Windows Server
- Office, 32-bit Windows fixes included in Patch Tuesday update
  
  Microsoft offered five bulletins in June's Patch Tuesday updates, with 19-vulnerability critical Internet Explorer patch and Windows Server 2008 fixes.
- Q&A: Anderson talks BYOD management in Windows Server 2012 R2
  
  Microsoft's Brad Anderson talks about changes to expect in Windows Server 2012 R2 features, including some to security and enterprise mobility.
- Q&A: Microsoft's Brad Anderson talks Windows Server 2012 R2
  
  Microsoft's Brad Anderson discusses new features in Windows Server 2012, including a faster update cycle and cross-platform integration.
Exchange
- Spotlight on top new Exchange 2013 features
  
  There are several new Exchange 2013 features that should interest those debating an upgrade. We examine several standouts and how to work with them.
- How to modify OWA 2013 to support Microsoft Lync
  
  Properly modifying OWA 2013 is necessary to allow users Lync functionality such as instant messaging and presence. We offer the necessary steps here.
- Block badly behaving Exchange ActiveSync devices in Exchange 2013
  
  Misbehaving Exchange ActiveSync devices can put a serious strain on your environment. Take control with new auto-block thresholds in Exchange 2013.
Enterprise Desktop
- Q&A: Microsoft's Erwin Visser discloses Windows 8 mobile strategy
  
  Microsoft GM Erwin Visser discusses the company's mobile strategy for Windows 8 and the need to deliver one device supporting all types of computing.
- Q&A: Microsoft's Erwin Visser on Windows 8.1 updates, security
  
  Microsoft's Erwin Visser discusses Windows 8.1 features, how IT can keep pace with faster update cycles and Windows security enhancements.
- Telerik updates Windows 8 app development tools
  
  Telerik's updated DevCraft tool for developing Windows 8 apps helps IT to deliver business apps to end users on PCs and tablets.
Cloud computing
- IBM, Salesforce deals usher in cloud consolidation era
  
  IBM's SoftLayer buy is getting mixed reviews from IT pros, but everyone agrees that it's an example of the consolidation phase of the cloud bubble.
- U.S. defense agencies' cloud transition yields better intelligence
  
  A cloud migration seems daunting but the effort is worthwhile; U.S. defense agencies say their cloud move led to better military intelligence.
- Simple tricks to lower your AWS cloud costs
  
  There are a number of ways to lower AWS costs and improve the Amazon cloud experience. Here are a few cost-cutting tips any AWS cloud shop can use.
SQL Server
- SQL Server 2014 'keeps up with the Joneses,' says analyst
  
  Ovum analyst Tony Baer says that most database platforms are moving toward in-memory features, and SQL Server 2014 is no different.
- SQL Server high availability: Natural enemy of virtualization?
  
  Do SQL Server high availability and virtualization go together or not? Find out if virtualization is a good option for you in this tip by Bob Sheldon.
- SQL Server 2014 due out in late 2013, in-memory OLTP a big feature
  
  Microsoft announced that the next version of its database, SQL Server 2014, will have in-memory features and be generally available in late 2013.
IT Channel
- Mark Enzweiler on Red Hat partner account segmentation, channel conflict
  
  Mark Enzweiler, Red Hat partner chief, discusses the challenges the company faces with its partner community as it grows its product base.
- Avnet rolls out an analytics channel package based on HP Vertica
  
  Avnet rolls out an analytics channel package based on HP Vertica that's designed to help partners speed the buildout of their analytics practices.
- Red Hat Summit 2013: Company pushes 'open innovation' as future of IT
  
  At Red Hat Summit, the company gives a July target date for its OpenStack distribution and OpenStack Cloud Infrastructure; and more news.

All Rights Reserved,Copyright - 2013, TechTarget