VBScript: Ban IPs in IIS Programatically

I used the following code a while back as part of a solution to automate the banning of spammers via their IP address.

'Here, we will pretend this is an imported list
Dim XMLarr(1)
XMLarr(0) = "65.19.238.21"
XMLarr(1) = "198.31.175.100"

Set objIIS = GetObject("IIS://localhost/w3svc") 'careful, this sets IPDENY on every child web
Set IISipsec = objIIS.IPSecurity
If (IISipsec.GrantByDefault = True) Then
arrIP = IISipsec.IPDeny
arrIPSize = ubound(arrIP)
For i = 0 to arrIPSize
arrIPstring = arrIPstring & "," & arrIP(i) 'going to use for dupes later.
Next
ReDim preserve arrIP(arrIPSize + UBound(XMLarr)+1)
for i = 0 to UBound(XMLarr)
myNum = arrIPSize + i+1
If InStr(arrIPstring,XMLarr(i)) = 0 Then
arrIP(myNum) = XMLarr(i)
End If
Next
IISipsec.IPDeny = arrIP
objIIS.IPSecurity = IISipsec
objIIS.SetInfo
End If
Set IISipsec = nothing
Set objIIS = nothing

Chrissy is a Cloud and Datacenter Management & Data Platform MVP who has worked in IT for over 20 years. She is the creator of the popular SQL PowerShell module dbatools, and holds a number of certifications, including those relating to SQL Server, Linux, SharePoint and network security. You can follow her on Twitter at @cl.

Posted in IIS, Security, VBScript
2 comments on “VBScript: Ban IPs in IIS Programatically
  1. vern says:

    Hey there! Just happened to see a link to your old netnerds blog tonight and ended up here. Good to see you’re back!

    How are you? How is (don’t be mad if I’m wrong) Celia?

    So, I was browsing and I saw this code here, and I was wondering if this could read the list of addresses gathered from the banftpip script?

    Anayway, talk to you later…

  2. vern says:

    Wait, Delia, right?

Leave a Reply

Your email address will not be published. Required fields are marked *

*