Looking for the steps to block IPs in Windows Firewall? We can help you.
Block the IPs in the firewall if we subjected to some attacks or found anything suspicious from an IP.
At Bobcares, users often approach us with queries regarding IP block as a part of our Server Management Services.
Today, let’s see how our Support Engineers help our customers with this.
What is IP Blocking?
Blocking the IP address is a security measure to blocks the IP which is harmful to the network or individual computers.
The IP block occurs due to many reasons. The IP gets block if someone did suspicious activities, sending spam content data, entering wrong credentials in unlimited times.
How to block IPs in Windows Firewall?
Recently, one of our customers said that his server is responding slowly. On checking, we found that the server is under SYN attack. We saw thousands of connections from the same IP connecting to contiguous ports.
SYN attack is a form of denial-of-service attack in which an attacker sends a large number of requests of SYN requests to the Server.
The Denial-of-Service attack is an attack to shut down a machine or network. Due to a large number of requests, it consumes a large number of server resources and makes the server unresponsive.
Let’s see how our Support Engineers help the customer to stop the SYN attack on his server.
We follow the below steps to block the IP in the windows firewall.
Firewall Control Panel
1. Initially, we log in to the server via RDP.
2. Then, we click on Start and select the Administrative Tools option. Then we select the Windows Firewall with Advanced Security option.
3. After that, we click on the Inbound Rules option from the left pane of the firewall window and click on the New Rule option on the right pane.
4. The,n the New Inbound Rule Wizard will open.
5. We click on the Custom button in the Rule Type option and click on Next.
6. Next in the Program option, we make sure that the All Programs option is selected and then click on Next.
7. In the Protocol and Ports option, we leave all the options at its default and click on Next.
8. Next in the Scope option, we see two boxes. One is for local IP addresses and the second one is for remote IP addresses. We enter the corresponding IP address in the field and click the Add Button.
9. Then we select Block the connection option from the Action menu and then click on Next.
10. In the Profile section, we checked all of the options such as Private, Public, and Domain and then click on Next.
11. Finally, we mention the name of the rule in the Name section and click on Finish.
Through Command Prompt
Initially, we open the Command Prompt and run it as Administrator.
Then we run the below command in the Command Prompt to block a specific IP address in the firewall.
netsh advfirewall firewall add rule name="abc" Dir=In Action=Block RemoteIP=x.x.x.x
Through PowerShell
To block the IP address through PowerShell we run the Powershell as Administrator. Then run the below command to block the IP address
New-NetFirewallRule -Direction Inbound -DisplayName "New_Rule" -Name "New_Rule" -RemoteAddress x.x.x.x -Action BlockWe can use any of the above three methods to block the IP address in the Windows firewall.
[Need more assistance to block IP in Windows Firewall? We’ll help you.]
Conclusion
In short, we discussed the exact steps to block the IP in the Windows firewall. Also, we also saw how our Support Engineers do it for the customers.
0 Comments