IISFrontGuard is an IIS HTTP Module providing comprehensive web application security including WAF functionality, rate limiting, geographic IP filtering, security event logging, automatic security header management, and webhook notifications for ASP.NET applications running on .NET Framework 4.8. Automatically removes server identification headers (X-Powered-By, Server) and adds essential security headers (CSP, HSTS, X-Frame-Options, etc.).
IISFrontGuard is an enterprise-grade IIS HTTP Module that provides comprehensive web application security for ASP.NET applications running on .NET Framework 4.8. It integrates seamlessly with IIS to provide multiple layers of protection against common web threats.
Features
Web Application Firewall (WAF): Custom rule-based request filtering with pattern matching
Rate Limiting: Protect against DDoS and brute-force attacks with configurable rate limits
Geographic IP Filtering: Block or allow traffic based on country of origin using GeoIP2
Security Event Logging: Comprehensive logging to SQL database for audit and compliance
Webhook Notifications: Real-time security event notifications to external systems
Interactive Challenges: CAPTCHA-like challenges for suspicious requests
Request Encryption: Support for encrypted request validation
Installation
Via NuGet Package Manager
Install-Package IISFrontGuard.Module
Via .NET CLI
dotnet add package IISFrontGuard.Module
Via Package Manager Console
PM> Install-Package IISFrontGuard.Module
Note: The package will automatically update your Web.config with required settings and open a getting started guide.
Configuration
1. Database Setup
Execute the included SQL script to create the required database tables:
-- Located in: Content\Scripts\init.sql
2. Web.config Configuration
The package automatically configures your Web.config during installation with the following default settings. Please review and update as needed:
