I've set up IIS Request Filtering based on the following article: http://www.peterviola.com/blocking-sql-injection-with-iis-request-filtering/
However, instead of returning a 404, I'm receiving a 403. Any idea why I'm getting a 403 and not a 404 as I should be? Any help would be appreciated.
