Skip to content

Protect your Windows RDWeb Server from malicious bots and brute force attempts.

License

Notifications You must be signed in to change notification settings

sysadmin0815/RDWeb-Bot-Protection

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 

Repository files navigation

RDWeb-Bot-Protection

Protect your Windows RDWeb Server Login Form from malicious bots and brute force attempts.

Disclaimer

All information and code is provided as is without any warranty!!
Always backup your files before doing changes. Prefered, test the changes in a dev environment first.
The code was successfully tested on Windows Server 2019 with RDWeb and IIS Role installed.

Caution

Do not replace the files on your server with copy & paste! This repo contains code snippets only. Modify the files on your server.

How to implement

Root directory is C:\Windows\Web
You have to add/replace some code in the files login.aspx, logoff.aspx and webscripts-domain.js

File locations:
RDWeb/Pages/webscripts-domain.js
RDWeb/Pages/en-US/login.aspx
RDWeb/Pages/en-US/logoff.aspx

All files in the repo have the .txt name extension. Remove .txt to get the default file name extension

Why do I need this code?

I was searching for a "bot protection" for our RDWeb Servers. We tried it with JS and Powershell but was not happy with the results. Our RDWeb Server got more and more hammered with POST requests, so we had to implement something.

Here is a log (IP addresses removed) before the code was implemented:
If your IIS webserver log looks like this, you need it :)
image
IIS Log default path: C:\inetpub\logs\LogFiles\W3SVC1\xxx.log

Important

The code in this repo works for the webserver only, not the gateway service!


After the code is implemented the log looks much better.

How to verify that the code is working?

Check your current webserver logs at C:\inetpub\logs\LogFiles\W3SVC1 and compaire them with the old logs.

Credits

Special thanks to thomas-417 for doing the C#!

About

Protect your Windows RDWeb Server from malicious bots and brute force attempts.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published