requestFiltering Element for security [IIS Settings Schema]

IIS 7.0

NoteNote:

For more information about the RequestFiltering element, see the following topic on the Microsoft IIS.net Web site: Request Filtering <requestFiltering>.

Specifies configuration settings for request filtering.

The following sections describe attributes, child elements, and parent elements for this section.

Attributes

Attribute

Description

allowDoubleEscaping

Optional Boolean attribute.

Specifies whether to allow URLs with double escape characters.

The default value is false.

allowHighBitCharacters

Optional Boolean attribute.

Specifies whether to allow non-ASCII characters in URLs.

The default value is true.

Child Elements

Element

Description

fileExtensions

Optional element.

Specifies which file name extensions are allowed or denied to limit types of requests sent to the Web server.

filteringRules

Optional element.

Specifies a collection of custom request filtering rules.

NoteNote:
This element was added in IIS 7.5.

requestLimits

Optional element.

Specifies limits on requests processed by the Web server.

verbs

Optional element.

Specifies which HTTP verbs are allowed or denied to limit types of requests sent to the Web server.

hiddenSegments

Optional element.

Specifies that certain segments of URLs can be made inaccessible to clients.

denyUrlSequences

Optional element.

Specifies sequences that should be denied to help prevent URL-based attacks on the Web server.

Parent Elements

Element

Description

configuration

Specifies the root element in every configuration file that is used by IIS 7.

system.webServer

Specifies the top-level section group (in ApplicationHost.config) in which this element is defined.

security

Specifies the section group that contains security-related sections.

For more information about the RequestFiltering element, see the following topic on the Microsoft IIS.net Web site: Request Filtering <requestFiltering>.

Configuration locations

Machine.config

ApplicationHost.config

Root application Web.config

Application Web.config

Directory Web.config

Requirements

IIS 7

Community Additions

ADD
Show: