How to stop attacks on your site via IIS
Often we see hack-bots or other automated hacking tools crawling our sites and hammering various pages looking for vulnerabilities. There is an easy way to put a stop to this through Microsoft IIS 7.0 (and later).
Make sure you have the “IP Address and Domain Restrictions” module loaded in IIS (if not, install it.)
Launch it and add a DENY entry.
If the attacker is coming from AAA.BBB.CCC.49, I usually put a range block in there from
AAA.BBB.CCC.0 to AAA.BBB.CCC.254
At that point I usually restart the server because I’ve noticed that these blocks do not tend to take effect until (at minimum) the whole IIS process is restarted. Restarting the box works for me.