Logo
  Wednesday, November 14, 2018
Sign-In  |  Sign-Up  |  Contact Us  | Bookmark |  RSS Feed

UrlScan 3.1 for IIS 7.5  

UrlScan 3.1 labeled as a security tool which is used in restricting certain classes of HTTP requests which call for IIS in processing. This blocks HTTP requests and aid in the deterrence of probable damaging requests from scoping applications over a particular server. UrlScan 3.1 is variably an update to UrlScan 2.5 which supports IIS 5.1, IIS 6.0 and IIS 7.0 that are platformed over Windows Vista and Windows Server 2008.

 

 

Potentially Damaging requests deterrence from reaching Web applications

 

UrlScan 3.1 procedurally filters incoming web request directed to a server through screening request based on rule which has been pre-determined by the administrator. This ensures that an only valid request passes through.

 

 

SQL injection attacks mitigation

 

UrlScan 3.1 is configurable to effectively screen HTTP query string variables and as well as other HTTP headers for the procedural SQL injection attacks mitigation.

 

 

Log Files Analyzation

 

UrlScan 3.1 grants W3C formatted logs for simplifying log file analysis by the procedural log parsing identified by Microsoft Log Parser 2.2.

 

 

Functional Attributes

 

  • New installer warrants UrlScan 3.1 direct IIS 5.1, IIS 6.0, and IIS 7.0 installation
  • "Deny" rules creation specific to query string, particular header  and all headers
  • DenyQueryString division within the configuration grants the possibility to  supplicate deny rules particular to query strings with checking options for the query string’s un-escaped version
  • AlwaysAllowedUrls division within the configuration grants the possibility to identify  safe URLs which is oriented to bypassall URL based checks
  • AlwaysAllowedQueryStrings division within the configuration grants identification possibilities for safe query strings which is oriented to bypass all query string checks
  • Escape sequences can be utilized for variables of deny rules paralleled to targeting CRLF and other sequences which are attributed to  non-printable characters
  • Multiple UrlScan instances are installable as site filters with respective rules and configuration encapsulated as UrlScan.ini
  • Altered notifications for UrlScan.ini can be reproduced directed to parallel the function of  IIS worker processes
  • Enhanced W3C formatted logging provides detailed configuration errors contained within the Remarks header.
Print UrlScan 3.1 for IIS 7.5 Bookmark UrlScan 3.1 for IIS 7.5

Related Articles  
IIS Security Authorization < authorization >
The < authorization > element permits the configuration of user account which is warranted to have direct access to a ...
IIS Feature Delegation
IIS administrators usually assign minimum rights for developers to use IIS in their development work. Developers can ...
IIS Security Feature
IIS security feature is one of the important features since it is responsible for securing your websites, installation ...
IIS Dynamic IP Restrictions
IIS Dynamic IP Restrictions Extension grants hosters and IT administrators a particular module which has of ...
More