Ignoring HTTP 1.0 requests in IIS
Is there a way to ignore HTTP 1.0 requests in IIS (7.0)? I don’t see any reason to accept requests that are not HTTP 1.1.
Step 1: download and install URL Rewrite.
Step 2: add the following to your web.config file, to the <system.webServer> section:
<rewrite>
<rules>
<rule name="RequestBlockingRule1" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions>
<add input="{SERVER_PROTOCOL}" pattern="HTTP/1.0" />
</conditions>
<action type="AbortRequest" />
</rule>
</rules>
</rewrite>
This will refuse all HTTP 1.0 requests with a HTTP 504 error code.
Edit: after installing URL Rewrite, you can also configure rewrite rules in IIS Manager:
Check more discussion of this question.
Related posts:
- Using IIS 7.5 URL Rewrite, how can I redirect all requests not from a particular subdomain to a specific page?
- Redirect users from HTTPS to HTTP via IIS and the web.config file
- Redirect incoming requests to specific URLs in IIS 7
- Help with IIS rewrite rule
- Can I configure IIS 7+ to do a dynamic reverse proxy based on the incoming hostname?
Leave a comment
Recent Posts
- Understanding redundant power supplies
- Is there a way for administrators to disable users from installing Firefox extensions?
- Is there research material on NTP accuracy available?
- How to create a limited “domain admin” that does not have access to domain controllers?
- Can Windows RDC admin users be immune from being kicked?
Tags
active-directory
amazon-ec2
apache
apache2
backup
bash
centos
cisco
command-line
debian
dns
email
exchange
firewall
iis
iis7
iptables
linux
macosx
monitoring
mysql
networking
nginx
performance
permissions
php
postfix
raid
security
sql-server
sql-server-2005
sql-server-2008
ssh
ssl
ubuntu
unix
virtualization
vpn
webserver
windows
windows-7
windows-server-2003
windows-server-2008
windows-server-2008-r2
windows-xp