NOTE: When i ask a specific Static file (ie: http://192.168.0.107/index.html I have the behavior i describe below, but when i ask the default document (ie: http://192.168.0.107 => with i setup to use index.html as default) then everything seam to work well !
I setup this in the web.config :
<dynamicIpSecurity denyAction="Forbidden" enableLoggingOnlyMode="false" enableProxyMode="false"><denyByConcurrentRequests enabled="true" maxConcurrentRequests="2" /><denyByRequestRate enabled="false" maxRequests="5" requestIntervalInMilliseconds="10000" /> </dynamicIpSecurity>As far as I understand I can't have more than 2 simultaneous requests from the same IP at the same time. So i try and I send 50 simultaneous request to the webserver. Few of then (6 only) was returning with 403 forbidden but most of then was running well !
I do this on the server to list all of the request :
C:\Users\Administrator>C:\Windows\System32\inetsrv\appcmd.exe list request
REQUEST "fa000000800000f5" (url:GET /robot3s.txt, time:24406 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fb0000008000014a" (url:GET /robot3s.txt, time:24391 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fd00000280000044" (url:GET /robot3s.txt, time:24344 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fc00000280000007" (url:GET /robot3s.txt, time:24313 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fc00000180000003" (url:GET /robot3s.txt, time:24281 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fb00000280000002" (url:GET /robot3s.txt, time:24281 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fc0000038000015e" (url:GET /robot3s.txt, time:24234 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f400000380000002" (url:GET /robot3s.txt, time:24234 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f900000180000002" (url:GET /robot3s.txt, time:24219 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f700000080000002" (url:GET /robot3s.txt, time:24219 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f600000280000002" (url:GET /robot3s.txt, time:24203 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "ff00000180000003" (url:GET /robot3s.txt, time:22016 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f800000080000006" (url:GET /robot3s.txt, time:19828 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fb0000038000004b" (url:GET /robot3s.txt, time:10766 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fd0000018000000b" (url:GET /robot3s.txt, time:6063 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fa0000018000000e" (url:GET /robot3s.txt, time:5031 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f700000280000010" (url:GET /robot3s.txt, time:2906 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f80000038000000f" (url:GET /robot3s.txt, time:2781 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f900000380000049" (url:GET /robot3s.txt, time:2625 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f600000380000012" (url:GET /robot3s.txt, time:2203 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f700000380000011" (url:GET /robot3s.txt, time:2109 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f10000028000000e" (url:GET /robot3s.txt, time:2047 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f300000280000010" (url:GET /robot3s.txt, time:1984 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f50000008000000f" (url:GET /robot3s.txt, time:1906 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fa0000038000005e" (url:GET /robot3s.txt, time:1844 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f500000380000011" (url:GET /robot3s.txt, time:1781 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fe00000180000009" (url:GET /robot3s.txt, time:1719 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fa0000028000000e" (url:GET /robot3s.txt, time:1656 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f10000038000000f" (url:GET /robot3s.txt, time:1578 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f50000028000000a" (url:GET /robot3s.txt, time:1500 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fb00000180000008" (url:GET /robot3s.txt, time:1422 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f800000280000011" (url:GET /robot3s.txt, time:1359 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f900000280000011" (url:GET /robot3s.txt, time:1297 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f60000008000000b" (url:GET /robot3s.txt, time:1234 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f400000280000009" (url:GET /robot3s.txt, time:1172 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f700000280000011" (url:GET /robot3s.txt, time:1109 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fe00000280000057" (url:GET /robot3s.txt, time:1047 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f800000380000010" (url:GET /robot3s.txt, time:969 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f900000080000010" (url:GET /robot3s.txt, time:891 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fc00000080000016" (url:GET /robot3s.txt, time:828 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "ff0000028000007b" (url:GET /robot3s.txt, time:766 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f300000380000010" (url:GET /robot3s.txt, time:703 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f200000380000011" (url:GET /robot3s.txt, time:641 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f200000280000010" (url:GET /robot3s.txt, time:578 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fd0000038000016b" (url:GET /robot3s.txt, time:516 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f600000380000013" (url:GET /robot3s.txt, time:438 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f700000380000012" (url:GET /robot3s.txt, time:391 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f10000028000000f" (url:GET /robot3s.txt, time:313 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f300000280000011" (url:GET /robot3s.txt, time:266 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f500000080000010" (url:GET /robot3s.txt, time:203 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "fa0000038000005f" (url:GET /robot3s.txt, time:141 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)
REQUEST "f500000380000012" (url:GET /robot3s.txt, time:78 msec, client:192.168.0.101, stage:SendResponse, module:IIS Web Core)As you can see the server show correctly that he have several request from the same IP. also doing netstat (in case) show also all the simultaneous TCP/IP connection :
C:\Users\Administrator>netstat -ano
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 780
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:5985 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:49664 0.0.0.0:0 LISTENING 500
TCP 0.0.0.0:49665 0.0.0.0:0 LISTENING 932
TCP 0.0.0.0:49667 0.0.0.0:0 LISTENING 620
TCP 0.0.0.0:49668 0.0.0.0:0 LISTENING 1192
TCP 0.0.0.0:49669 0.0.0.0:0 LISTENING 1560
TCP 0.0.0.0:49670 0.0.0.0:0 LISTENING 612
TCP 192.168.0.107:80 192.168.0.101:62451 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62452 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62453 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62454 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62455 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62456 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62457 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62458 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62459 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62460 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62461 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62462 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62463 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62464 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62465 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62466 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62467 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62468 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62469 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62470 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62471 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62472 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62473 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62474 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62475 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62476 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62477 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62478 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62479 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62480 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62481 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62482 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62483 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62484 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62485 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62486 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62487 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62488 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62489 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62490 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62491 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62492 ESTABLISHED 4
TCP 192.168.0.107:80 192.168.0.101:62493 ESTABLISHED 4
TCP 192.168.0.107:139 0.0.0.0:0 LISTENING 4
TCP 192.168.0.107:49672 52.230.7.59:443 ESTABLISHED 1192
TCP 192.168.0.107:49675 52.230.7.59:443 ESTABLISHED 1020
TCP 192.168.0.107:49676 52.230.7.59:443 ESTABLISHED 1192
TCP 192.168.0.107:49677 52.230.7.59:443 ESTABLISHED 1020
TCP [::]:80 [::]:0 LISTENING 4
TCP [::]:135 [::]:0 LISTENING 780
TCP [::]:445 [::]:0 LISTENING 4
TCP [::]:5985 [::]:0 LISTENING 4
TCP [::]:47001 [::]:0 LISTENING 4
TCP [::]:49664 [::]:0 LISTENING 500
TCP [::]:49665 [::]:0 LISTENING 932
TCP [::]:49667 [::]:0 LISTENING 620
TCP [::]:49668 [::]:0 LISTENING 1192
TCP [::]:49669 [::]:0 LISTENING 1560
TCP [::]:49670 [::]:0 LISTENING 612
UDP 0.0.0.0:123 *:* 372
UDP 0.0.0.0:5050 *:* 372
UDP 0.0.0.0:5353 *:* 252
UDP 0.0.0.0:5355 *:* 252
UDP 127.0.0.1:1900 *:* 2944
UDP 127.0.0.1:55881 *:* 2944
UDP 192.168.0.107:137 *:* 4
UDP 192.168.0.107:138 *:* 4
UDP 192.168.0.107:1900 *:* 2944
UDP 192.168.0.107:55880 *:* 2944
UDP [::]:123 *:* 372
UDP [::]:5353 *:* 252
UDP [::]:5355 *:* 252
UDP [::1]:1900 *:* 2944
UDP [::1]:55879 *:* 2944
UDP [fe80::44d:ec90:714d:f47b%2]:1900 *:* 2944
UDP [fe80::44d:ec90:714d:f47b%2]:55878 *:* 2944
So why most of my requests was not rejected ?