Perhaps someone will offer that, but there are other thoughts to consider (including whether you should be doing that job yourself at all).
So first, how about if instead of blocking them in the Windows firewall, you blocked them in IIS? You can do that if you have added the “ip and domain restrictions” feature to IIS (using Server Manager), where they you can block by IP at the site or server level (within iis). And you can add ips to that using a command line tool that lets you do about any iis config changes, appcmd.exe. And then you could call THAT from cfexecute. Of course, blocking IPs like this (in IIS or the firewall, or elsewise) is a bit like playing whack-a-mole. You shut down one and the same crap requests start coming from another. That gets frustrating. You can also block by user agent, instead (if they always show some common one that you’d always want to block), and you can do that in IIS as well by adding a “rule” in the “request filters” feature (also optionally enabled using Server Manager), that blocks on the “header” named “user-agent” with the value of the user agent string. Honestly, even that gets old after a while, and you may want to look instead to outside tools or services that handle all this for you. There are ones that work at the web server level, others as a hardware appliance, still others as services (where you route your traffic through them to “launder” such bad traffic). Such tools and services do MUCH more than just block by bad IPs (and the better ones do it so well they’re worth it, while lesser ones may suffer from false positives or be a hassle to configure). Anyway, I keep a list of such tools and services (at that variety of levels here: cf411.com/security /charlie From: houcfug@googlegroups.com <houcfug@googlegroups.com> On Behalf Of Mike G Sent: Friday, September 21, 2018 02:29 PM To: houcfug@googlegroups.com Subject: [houcfug] Windows Firewall Hello All, Has anyone seen anything that will allow me to use ColdFusion to programatically add IP addresses to Windows firewall on the server? I manage this now with a script and a db and ban offenders using CF, but I would prefer to not have to check every IP against a DB and instead just put them directly into Windows Firewall into a Black Hole group I created for the aggressive offenders. TIA, M -- -- -- You received this message because you are subscribed to the "Houston ColdFusion Users' Group" discussion list. To unsubscribe, send email to houcfug-unsubscr...@googlegroups.com For more options, visit http://groups.google.com/group/houcfug?hl=en --- You received this message because you are subscribed to the Google Groups "Houston ColdFusion Users' Group" group. To unsubscribe from this group and stop receiving emails from it, send an email to houcfug+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
