How to protect websites against DDoS attacks in Plesk for Windows Server

Dmitry Bystrov

1 year ago

Question

How to protect websites against DDoS attacks in Plesk for Windows Server?

Answer

Use the built-in IIS feature Dynamic IP Address Restrictions to block access for IP addresses that exceed the specified number of requests to websites hosted in Plesk.

In Plesk, this feature is capable to set:

Dynamic IP Address Restrictions to Deny IP addresses based on the number of concurrent requests from a unique IP address
Deny IP addresses based on the number of requests over a period of time

Note: Values in the instructions below are given as an example. Adjust them according to your needs.

Enabling IIS dynamic IP restriction via the Plesk interface (for one domain only)

Log in to Plesk.
Go to Domains > example.com > IIS Settings.
Scroll down to the Preventing DoS attacks by IIS dynamic IP restriction section and adjust settings according to your needs.

Enabling IIS dynamic IP restriction via a command prompt (for one domain/all existing domains/all new domains)

For one domain
1. Connect to a Plesk server via RDP.
2. Start a command prompt as an Administrator.
3. Run the command:
  - To make IIS deny access to the website example.com from clients that have made more than 22 HTTP requests in 230 milliseconds:
    
    C:> plesk bin virtdir.exe --update / -vhost example.com -is_deny_by_request_rate true -max_requests 22 -request_interval 230
  - To make IIS deny access to the website example.com from clients that have made more than 9 concurrent HTTP requests:
    
    C:> plesk bin virtdir.exe --update / -vhost example.com -is_deny_by_concurrent_requests true -max_concurrent_requests 9
For all existing domains
1. Connect to a Plesk server via RDP.
2. Start a command prompt as an Administrator and run the command below to get the list of all domains on the server:
  
  C:> plesk db -Ne"select name from domains;" > C:domains.txt
3. Run the command:
  - To make IIS deny access to all existing websites from clients that have made more than 22 HTTP requests in 230 milliseconds:
    
    C:> for /f %i in (C:domains.txt); do (plesk bin virtdir.exe --update / -vhost %i -is_deny_by_request_rate true -max_requests 22 -request_interval 230);
  - To make IIS deny access to all existing websites from clients that have made more than 9 concurrent HTTP requests:
    
    C:> for /f %i in (C:domains.txt); do (plesk bin virtdir.exe --update / -vhost %i -is_deny_by_concurrent_requests true -max_concurrent_requests 9);
    
    To learn more about the virtdir.exe utility, visit this Plesk documentation page.

0 Shares