Installing & Configuring URLScan on windows servers

Download and install URLScan. Installation is straightforward. You do not need to consult any document.

Two main files (Urlscan.dll and Urlscan.ini) that we need for configuring URLScan is by default located in the folder C:\Windows\System32\Inersrv\urlscan\

By default after installation, URLScan will be configured as a global filter, ie in IIS on the top level. So the filter will be applied on all sites created in IIS. 

The other way is to apply URLScan 3.1 filter on individual site level. In that way you can configure urlscan filter for individual sites. 

For example you have 2 sites, site1 and site2 under IIS.

Open IIS and on the right hand side, open feature “ISAPI Filters”. You will see URLScan 3.1. Remove the filter.

Copy URLScan.ini and URLScan.dll from c:\windows\system32\inetsrv\urlscan\

Now right click site1 and select “browse” and paste URLScan.ini and URLScan.dll. Edit URLScan.ini according to your hardening requirements.
Now open ISAPI filter for site1 and add urlscan filter. Name : URLScan and path: path-to-site1 and move it to the top of the list. You can select ordered list and use up arrow to move urlscan to top pf list.

Restart IIS. 

Similarly you can do it for site2.

You can edit URLScan.ini to point a log directory, so that any failed url’s will be registered.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s