Installing & Configuring URLScan on Windows servers

Download and install URLScan. Installation is straightforward and does not require consulting any documentation.

The two main files needed for configuring URLScan (Urlscan.dll and Urlscan.ini) are located by default in the folder C:\Windows\System32\inetsrv\urlscan\

By default, after installation URLScan is configured as a global filter, i.e. at the top level in IIS, so the filter is applied to all sites created in IIS.

The other way is to apply the URLScan 3.1 filter at the individual site level. That way you can configure the URLScan filter separately for each site.

For example, suppose you have 2 sites, site1 and site2, under IIS.

Open IIS and, on the right-hand side, open the “ISAPI Filters” feature. You will see URLScan 3.1. Remove the filter.

Copy URLScan.ini and URLScan.dll from c:\windows\system32\inetsrv\urlscan\

Now right-click site1, select “browse”, and paste URLScan.ini and URLScan.dll. Edit URLScan.ini according to your hardening requirements.
Now open ISAPI Filters for site1 and add the URLScan filter. Name: URLScan, path: path-to-site1. Move it to the top of the list: you can select the ordered list and use the up arrow to move URLScan to the top of the list.

Restart IIS. 

Similarly you can do it for site2.

You can edit URLScan.ini to point to a log directory, so that any failed URLs will be logged.
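
The per-site steps above can also be scripted. The following PowerShell is an added example, not part of the original procedure or of URLScan itself. It assumes the WebAdministration module is available, that sites named site1 and site2 exist, that the copied URLScan.ini already contains a LoggingDirectory line, and that D:\Logs\urlscan is a hypothetical log location.

```powershell
# Added example: scripts the per-site URLScan steps from this page.
# Run from an elevated PowerShell session on the IIS server.
Import-Module WebAdministration

$source  = 'C:\Windows\System32\inetsrv\urlscan'   # default install folder
$logRoot = 'D:\Logs\urlscan'      # hypothetical path; keeps logs out of the web root
$apphost = 'MACHINE/WEBROOT/APPHOST'
$section = 'system.webServer/isapiFilters'
$sites   = 'site1', 'site2'

# Remove the global filter so only the per-site copies scan requests.
Remove-WebConfigurationProperty -PSPath $apphost -Filter $section -Name '.' `
    -AtElement @{ name = 'URLScan 3.1' } -ErrorAction SilentlyContinue

foreach ($site in $sites) {
    # Copy the DLL and INI into the site's folder.
    $root = [Environment]::ExpandEnvironmentVariables(
        (Get-Item "IIS:\Sites\$site").physicalPath)
    Copy-Item -Path "$source\urlscan.dll", "$source\urlscan.ini" -Destination $root

    # Point this site's URLScan.ini at its own log directory.
    $logDir = Join-Path $logRoot $site
    New-Item -ItemType Directory -Path $logDir -Force | Out-Null
    $ini = Join-Path $root 'urlscan.ini'
    (Get-Content $ini) -replace '^\s*LoggingDirectory\s*=.*$', "LoggingDirectory=$logDir" |
        Set-Content $ini

    # Register the filter for this site only, at the top of the ordered list.
    Add-WebConfiguration -PSPath $apphost -Location $site -Filter $section -AtIndex 0 `
        -Value @{ name = 'URLScan'; path = (Join-Path $root 'urlscan.dll') }
}

# Restart IIS so the new filters are loaded.
iisreset

# Check: URLScan should be reported as the first filter for each site.
foreach ($site in $sites) {
    $first = Get-WebConfiguration -PSPath $apphost -Location $site -Filter "$section/filter" |
        Select-Object -First 1
    '{0}: first filter = {1} ({2})' -f $site, $first.name, $first.path
}
```

The application pool identity of each site needs write access to its log directory, otherwise rejected requests will not be recorded.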