Forum Discussion
IIS 8.5 and invalid hostnames
I've witnessed someone scanning the internet, using CURL to look for Darkweb proxies:
curl -H "host<bad domain>" http://<ip of my IIS server>
Obviously, my IIS server (8.5) is not hosting <bad domain>. But whenever someone does this, it causes IIS (W3WP.exe) to perform a DNS lookup for <bad domain>.
Is there something that can be set, so that the IIS server silently discards invalid hostnames?
1 Reply
MattHamrickMicrosoft
Hi Dazzer,
This does not occur on my IIS setup. How did you determine that w3wp.exe was the one sending the DNS request? IIS itself doesn't make DNS requests that I'm aware of, so my first thought is if it actually is coming from w3wp.exe, then it's most likely the application being hosted that is making the call.