I want to make the firwall take all process of my IIS 7.5 to allow inbound connections, becasue I dont wanna lost my time making each new application, and to do it easier to maintenance. Can I do it? Its a safe option? But when I allow the w3wp.exe, I dont have any response.
Iis – Firewall allow all ports of w3wp.exe
iisiis-7.5windows-firewall
Related Topic
- Iis – Requests in IIS’ “SendResponse” state stuck for a long time; Slow IIS 7.5/ASP.NET 4.0 web application
- Iis – Does IIS Sometimes Allocate More Worker Processes Than Configured
- Security – Configure Windows Firewall to block all except for specific traffic
- Iis – limit IIS to use one rather than two processors
Best Answer
w3wp.exe is not the process that listens for incoming connections to IIS, it's a worker process that handles doing the work of a request once it's received. Anyway, when you configure a rule to allow an image it's for outgoing connections.
In general you don't want to configure your firewall to accept inbound connections on wide ranges of ports. It's not safe. You should limit the inbound connections to those ports you know you need to accept and leave the rest closed. Create inbound rules for the ports your web sites / apps are listening on. Even better, you can configure IIS to listen on a single port and create multiple host bindings. That way you only have to expose one port to incoming connections.