IISFrontGuard.Module 2025.12.24.12

There is a newer version of this package available.
See the version list below for details.

dotnet add package IISFrontGuard.Module --version 2025.12.24.12

NuGet\Install-Package IISFrontGuard.Module -Version 2025.12.24.12

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="IISFrontGuard.Module" Version="2025.12.24.12" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

<PackageVersion Include="IISFrontGuard.Module" Version="2025.12.24.12" />
                    

                            Directory.Packages.props

<PackageReference Include="IISFrontGuard.Module" />
                    

                            Project file

For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.

paket add IISFrontGuard.Module --version 2025.12.24.12

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: IISFrontGuard.Module, 2025.12.24.12"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

#:package IISFrontGuard.Module@2025.12.24.12

#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.

#addin nuget:?package=IISFrontGuard.Module&version=2025.12.24.12
                    

                            Install as a Cake Addin

#tool nuget:?package=IISFrontGuard.Module&version=2025.12.24.12
                    

                            Install as a Cake Tool

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

IISFrontGuard Module

Overview

IISFrontGuard is an enterprise-grade IIS HTTP Module that provides comprehensive web application security for ASP.NET applications running on .NET Framework 4.8. It integrates seamlessly with IIS to provide multiple layers of protection against common web threats.

Features

Web Application Firewall (WAF): Custom rule-based request filtering with pattern matching
Rate Limiting: Protect against DDoS and brute-force attacks with configurable rate limits
Geographic IP Filtering: Block or allow traffic based on country of origin using GeoIP2
Security Event Logging: Comprehensive logging to SQL database for audit and compliance
Webhook Notifications: Real-time security event notifications to external systems
Interactive Challenges: CAPTCHA-like challenges for suspicious requests
Request Encryption: Support for encrypted request validation

Installation

Via NuGet Package Manager

Install-Package IISFrontGuard.Module

Via .NET CLI

dotnet add package IISFrontGuard.Module

Via Package Manager Console

PM> Install-Package IISFrontGuard.Module

Note: The package will automatically update your Web.config with required settings and open a getting started guide.

Configuration

1. Database Setup

Execute the included SQL script to create the required database tables:

-- Located in: Content\Scripts\init.sql

2. Web.config Configuration

The package automatically configures your Web.config during installation with the following default settings. Please review and update as needed:

<configuration>
  <connectionStrings>
    <add name="IISFrontGuard"
         connectionString="Data Source=.;Initial Catalog=IISFrontGuard;Integrated Security=True;TrustServerCertificate=True;" />
  </connectionStrings>
  
  <appSettings>
    
    <add key="GlobalLogger.DefaultConnectionStringName" value="IISFrontGuard" />
    <add key="GlobalRequestEncryptionKey" value="YOUR-16-CHAR-KEY" />

    
    <add key="RateLimitMaxRequestsPerMinute" value="150" />
    <add key="RateLimitWindowSeconds" value="60" />

    
    <add key="TrustedProxyIPs" value="" />

    
    <add key="Webhook.Enabled" value="false" />
    <add key="Webhook.Url" value="" />
    <add key="Webhook.AuthHeader" value="" />
    <add key="Webhook.CustomHeaders" value="" />
    <add key="Webhook.FailureLogPath" value="C:\Logs\webhook-failures.log" />
  </appSettings>
  
  <system.webServer>
    <modules>
      <add name="FrontGuardModule"
           type="IISFrontGuard.Module.FrontGuardModule, IISFrontGuard.Module"
           preCondition="managedHandler,runtimeVersionv4.0" />
    </modules>
  </system.webServer>
</configuration>

3. GeoIP Database

The package includes a GeoLite2-Country database. To keep it updated:

Register for a free MaxMind account at https://www.maxmind.com/
Run the included UpdateGeoDb.bat script with your license key

Usage

Creating WAF Rules

Add custom WAF rules to the database:

INSERT INTO WafRules (Name, Priority, IsEnabled, Action, Conditions)
VALUES ('Block SQL Injection', 100, 1, 'Block', 
  '[{"Field":"QueryString","Operator":"Contains","Value":"UNION SELECT"}]');

Rate Limiting

Configure rate limits in Web.config:

<add key="RateLimitMaxRequestsPerMinute" value="150" />
<add key="RateLimitWindowSeconds" value="60" />

Geographic Filtering

Configure country blocking/allowing via database WAF rules:

INSERT INTO WafRules (Name, Priority, IsEnabled, Action, Conditions)
VALUES ('Block Specific Countries', 50, 1, 'Block',
  '[{"Field":"Country","Operator":"Equals","Value":"CN,RU,KP"}]');

Requirements

.NET Framework 4.8
IIS 7.0 or later
SQL Server 2012 or later

Support

For issues, questions, or contributions, please visit:

Project Repository: https://dev.azure.com/kacosta/IISFrontGuard

License

This project is licensed under the MIT License.

Author

IISFrontGuard Team

Changelog

Version 1.0.0

Initial release
WAF functionality with custom rules
Rate limiting support
GeoIP filtering
Security event logging
Webhook notifications

Product	Compatible and additional computed target framework versions.
.NET Framework	net48 is compatible. net481 was computed.

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

.NETFramework 4.8
- IPNetwork (>= 1.3.2)
- MaxMind.Db (>= 4.3.4)
- MaxMind.GeoIP2 (>= 5.4.1)
- Microsoft.Bcl.AsyncInterfaces (>= 10.0.1)
- Microsoft.Extensions.DependencyInjection.Abstractions (>= 10.0.1)
- Microsoft.Extensions.Options (>= 10.0.1)
- Microsoft.Extensions.Primitives (>= 10.0.1)
- System.Buffers (>= 4.6.1)
- System.IO.Pipelines (>= 10.0.1)
- System.Memory (>= 4.6.3)
- System.Numerics.Vectors (>= 4.6.1)
- System.Runtime.CompilerServices.Unsafe (>= 6.1.2)
- System.Text.Encodings.Web (>= 10.0.1)
- System.Text.Json (>= 10.0.1)
- System.Threading.Tasks.Extensions (>= 4.6.3)
- System.ValueTuple (>= 4.6.1)

NuGet packages

This package is not used by any NuGet packages.

GitHub repositories

This package is not used by any popular GitHub repositories.

Version	Downloads	Last Updated
2025.12.25.36	0	12/25/2025
2025.12.25.25	4	12/25/2025
2025.12.25.24	4	12/25/2025
2025.12.24.15	34	12/24/2025
2025.12.24.14	33	12/24/2025
2025.12.24.13	42	12/24/2025
2025.12.24.12	34	12/24/2025
2025.12.24.11	30	12/24/2025
2025.12.24.10	27	12/24/2025
2025.12.24.9	26	12/24/2025
2025.12.24.8	31	12/24/2025

Initial release with WAF, rate limiting, GeoIP filtering, and webhook notification support.