Server iis security expert

MYIIS-VIFAn intelligent IIS multi-functional software written to make up for the lack of functions of IIS itself. It can integrate multiple functions that IIS itself does not have on itself. Users can selectively use it, no matter what script your IIS is installed and used, VIF supports it. This software is mainly aimed at users who have IDC servers or independent servers, creating a safe and stable IIS environment for you!
When the software was first designed, we chose a design pattern that integrated multiple functions into one (this is the result if you are not a major), so webmasters are asked to selectively enable software functions. Just configure whatever functions you need. Will not affect server speed. In today's cloud era, if everyone has a VPS, you can become an excellent security expert for your website. The main features of MYIIS-VIF software:
1. SQL injection interception, get post cookies. You can define the interception output yourself.
2. Customization of error pages. You can customize the display of error pages. This increases the threshold for injection from another level. It is recommended that webmasters enable it.
3.CC interception protection. CC attacks always aim at endlessly consuming various server resources. Thanks to the friends who helped me test CC before, especially fish.
4. Functions that other webmasters may use: anti-leeching, anti-Thunder mirroring, IIS core-level URL rewriting, IP interception and shielding, site threads, server camouflage and basic illegal keyword interception and shielding, etc...
Software CHANGELOG:
Compared with the previous paid version, no functions have been deleted from this version. Instead, the 4.5.2 version has fixed several minor bugs to make the system more stable. The details are as follows:
1. Merged the previous ISAPI EXTENTED DLL module into the IsApi Filter module of Virtualiisfirewall, making it an IIS dual interface, allowing various key data to be shared. Speed, faster and more stable.
2. The various certification checks of the previous paid software have been removed. The software is free and only needs to be activated. (Why activate?)
3. Unify the URL addresses in the official website software to prepare the website for large traffic in the future.
4. Remove the advertising Js from various text files in the Alert directory so that everyone can use it with peace of mind.
5. The packaging is unified into exe form, which is convenient for downloading and installing, and reduces the size of the installation package.
The applicable platforms of the software are: windows 2003 server for 32bit/windows 2008 32bit (please install the isapi module)
Activation code: A3EL-ADTE-HXAJ

Because it is free and powerful, many software download sites use it to prevent hotlinking. This update is the free version of the official website.
VIF〔Virtual IIS Functions〕
An intelligent IIS multi-functional software written to make up for the lack of functions of IIS itself. It can integrate multiple functions that IIS itself does not have into itself. Users can selectively use it, no matter what script your IIS is installed and used, VIF supports it. This software is mainly aimed at users who have IDC servers or independent servers, creating a safe and stable IIS environment for you!
VIF’s existing functions (more functions have not yet been introduced)
Anti-hotlinking [Super anti-hotlinking second generation technology]
Efficient and simple anti-hotlink technology allows you to prevent server resource theft in the fastest, most stable and foolproof way. It replaces all anti-theft software on the Internet and is the first to provide a wildcard function, allowing you to clearly control the anti-theft of a certain port on a certain station.The super anti-theft and 1-minute static anti-theft provided at the same time are the favorite functions of webmasters, which can protect p2sp!
Injection protection
Foolish and simple protection injection, you can protect the whole site with one button, you can customize the protection parameters, and block hacker intrusions from the system level. Supports GET and POST injection protection.
Restricted area
Limit download methods, limit the pressure on the website from downloading software, and reduce the impact of non-IE users' access to the website. Reduce the troubles caused by various collection tools such as .net.
URLRewrite
Currently, most sites use isapi-rewrite litte and Asp.net to implement URL rewriting. MYIIS-VIF can provide a rewriting strategy that is refined to domain name sites. It can be loaded once and used multiple times, making the internal conversion of the URL close to 0, and the configuration can take effect without restarting IIS (the same applies to all configurations using MYIIS-VIF). It can automatically import configuration files in isapi-rewrite format, which is more convenient and practical.
CC attack protection
There are two unique ways to protect CC attacks from the application: 1. MYIIS-VIF core processing type 2. Interception proxy type. You can easily implement IIS CC protection and interception without writing any code. In addition, the driver's underlying assistance makes CC protection even more convenient.
Site thread management
By simply adding a rule, you can realize IIS site thread control and management, and protect your site from malicious downloading software's resource sneak attacks. Leave more bandwidth resources to normal users. The line control is precise and supports the binding operation of file type thread and IP. More humane.
IP restrictions
It is the first to implement system-level blocking of visitors at the Web level, and interacts with CC interception and SQl injection functions to configure internal communications, surpassing IIS's own IP restriction function. IP shielding addresses can be added in batches. Combined with driver interception, the server is more low-level and cannot be "contacted" by the other party.
Anti-download resource image
It was the first to implement P2SP mirror resource interception technology to prevent your download resource site from being illegally mirrored by other download software. Are your server resources still being occupied by others for no reason? You may be connected by p2sp mirror download.
Server camouflage
Your server is IIS, we can disguise it as a Linux service, of course you can also disguise it as other types of servers. It's super simple and keeps novice hackers away from your system as soon as possible. System security is protected.
Keyword interception
A simple keyword blocking system allows your server to accept Chinese and English word submissions for blocking, making your server more secure and reliable, allowing you to get through every day smoothly. The high-speed keyword interception system instantly kills illegal information and keywords.
IIS0DAY interception
No matter how good your server security is, what should you do if you encounter a 0DAY? Although we do not have a 0DAY, we will do our best to develop the best protection plan for users through the content of security bulletins.
Log system
What the software has done for you can be clearly seen through the log system. All of the above can provide MDB log verification. By analyzing the log system you can also get the key information you want most.