DataDome

How to secure Microsoft IIS & ASP.NET-based websites against malicious bots.

Table of contents
Last update: 5 Dec, 2019
|
min

Microsoft IIS has a market share of just over 14% of all websites. While IIS and the ASP.NET framework provide some security features, including request filtering for allow-listing or block-listing traffic, authorization rules, and request logging, they are not designed to provide efficient protection against sophisticated bot attacks. For such attacks, a specialized bot protection solution is essential.

DataDome’s expert level bot detection and protection seamlessly integrates into IIS or any web server with support of ASP.NET HTTP Modules. Like all our server-side modules, the IIS module protects all your endpoints, and you can create custom real-time rules to fine-tune your configuration.

How the DataDome module for IIS/ASP works:

Given the advanced techniques being used by today’s bots, protecting websites, APIs, and mobile apps is a complex endeavor. For example, bots can now very convincingly mimic human behavior, and most security solutions struggle to distinguish between bots and humans. Attacks are also typically low and slow, and will easily elude volumetric detection.

DataDome uses artificial intelligence and machine learning to provide the expert level bot detection capabilities required to determine if a visitor’s activity is malicious. It is the only bot protection solution delivered as-a-service. Deploying it is extremely simple, takes only a few minutes, and requires no architecture changes or DNS rerouting.

The DataDome IIS module can be installed and run without making changes to your web infrastructure. You can either use the standard installation procedure (extracting files and copying the contents of the /bin folder to your website’s /bin folder), or install it as a NuGet package using the NuGet-compatible tool of your choice.

Immediately upon installation, the module starts analyzing all web server requests. Before the regular IIS process, the module makes a call to the DataDome API using a keepalive connection. If the DataDome algorithm determines that the user is a human, it lets IIS continue the regular process. If it’s a bot, the user is presented with a Captcha challenge (or hard blocked, depending on your settings).

While DataDome has been designed to run on autopilot, you also have the option to configure your own custom rules. For example, you can allow-list partner bots, or block all traffic from a country where you aren’t doing business. We also provide options for rate limiting and time boxing to fine-tune rules.

In the event of any errors that may negatively impact the user experience, the module will automatically disable blocking, allowing legitimate users to go on uninterrupted.

The IIS module is compatible with the .NET Framework v 3.5 or later, and can be executed using any web server with support of ASP.NET HTTP Modules (e.g. IIS 6+, IIS Express, XSP, Apache with mod_mono). It has been successfully tested on both Azure VM and Azure WebApp.

Key benefits:

By leveraging the DataDome bot protection module for IIS, you can expect:

  • Expert AI and machine learning-driven bot detection, fully integrated into IIS
  • Unrivaled ability to distinguish bots from humans
  • Elimination of malicious traffic, resulting in a speedier website
  • Protection from all bot attacks in real time
  • Granular customization options with features like rate limiting and timeboxing

Getting started with DataDome’s IIS module:

Seeing is believing. To see the IIS module in action, click the FREE TRIAL button below and in just a few minutes you’ll be able to access the DataDome dashboard and see all your bot traffic in real time.

Our technical documentation makes it easy for you to install the module. Just follow the IIS module installation instructions. No credit card is required.

DataDome
dd product home overview

Still exploring?

Start with an on-demand demo.