Is there a way in IIS7 to limit the number of HTTP connections allowed from a single source? We occasionaly get mild denial of service attacks that we could prevent with some limitations on the number of connections allowed from any single IP. I understand this could impact some legitimate requests, but we'd set the threshold fairly high.

Ah! I think I found it. This http://blogs.iis.net/ruslany/archive/2009/02/16/dynamic-ip-restrictions-for-iis-7-0-beta.aspx is what I'm looking for.

Thanks all.

Mark

Here is the latest home of the extension: http://www.iis.net/downloads/microsoft/dynamic-ip-restrictions

Under properties for the website in IIS click on Performance and select the number of connections limited to.