Block all traffic, except specific domains, by Windows Server 2008 R2 firewall

I’ve got a problem, which I didn’t find any other way to restrict all the outbound traffic on my server.
I have a web service, which is deployed on a server, alone. For about one month I have been getting NETSCAN warnings from the HETZNER data center. There are so many IPs in the list, all of which are on port 80. But none of my applications send requests to those IPs. I turned off the web service a few times and the error disappeared. But since I haven’t changed anything in my code, I couldn’t get to a conclusion why this happens.
Now, as I know the web service only works with some specific domains (10 domain addresses overall), and nothing else, but the web service is run on the server, I want to block all outbound traffic on port 80, except those determined domains.
Is there any way to block domains instead of IP ranges/ports directly, by Windows Firewall? If not, is there any software package including antivirus/firewall that I can install on my server to do so?

Answer

You might be able to do it at the router if your router has some form of URL filtering. Another way of doing this would be to set up your own custom DNS zone and use that for your server. By adding stub zones for the allowed domains, your server won’t be able to resolve anything other than the domains you have added.

Attribution
Source: Link, Question Author: Behzad Nouri, Answer Author: ChadH360
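Windows Firewall rules match IP addresses rather than domain names, and a block rule takes precedence over an allow rule, so "block port 80 except these domains" has to be built as a default-block outbound policy plus an allow rule for the addresses the domains currently resolve to. The script below is an added example, not part of the original question or answer. The domain names and the rule name are placeholders, and it assumes the built-in "Core Networking" outbound rules (DNS, DHCP) are still enabled so that name resolution keeps working once outbound traffic is blocked by default.

```powershell
# Added example, not from the original post. Written for PowerShell 2.0 on
# Windows Server 2008 R2: it uses netsh advfirewall because the NetSecurity
# cmdlets (New-NetFirewallRule) and Resolve-DnsName do not exist there.

# Placeholder allowlist; replace with the domains the web service really calls.
$AllowedDomains = @('api.example.com', 'feeds.example.net')
$RuleName = 'Allowlist-HTTP-Out'   # hypothetical rule name
$Apply    = $false                 # $false: only print the netsh commands

function Invoke-Netsh([string[]]$NetshArgs) {
    Write-Host ('netsh ' + ($NetshArgs -join ' '))
    if ($Apply) { & netsh $NetshArgs }
}

# Resolve every allowed domain to its current IPv4 addresses.
$ips = @()
foreach ($domain in $AllowedDomains) {
    try {
        $ips += @([System.Net.Dns]::GetHostAddresses($domain) |
            Where-Object { $_.AddressFamily -eq 'InterNetwork' } |
            ForEach-Object { $_.IPAddressToString })
    } catch {
        Write-Warning "Could not resolve $domain; it will stay blocked."
    }
}
$ips = @($ips | Sort-Object -Unique)
if ($ips.Count -eq 0) { throw 'Nothing resolved; firewall left unchanged.' }

# 1. Replace the previous allow rule with one for the fresh address list.
#    (On the first run the delete just reports that no rule matched.)
Invoke-Netsh @('advfirewall','firewall','delete','rule',"name=$RuleName")
$add = @('advfirewall','firewall','add','rule',"name=$RuleName",'dir=out',
         'action=allow','protocol=TCP','remoteport=80',
         "remoteip=$($ips -join ',')")
Invoke-Netsh $add

# 2. Only then switch the outbound default to block. This affects ALL
#    outbound traffic that no allow rule covers, not just port 80.
#    blockinbound is the stock inbound default; the argument is quoted so
#    PowerShell passes "blockinbound,blockoutbound" to netsh as one token.
Invoke-Netsh @('advfirewall','set','allprofiles','firewallpolicy',
               'blockinbound,blockoutbound')
```

Run it once with `$Apply = $false` to review the generated commands, then rerun it on a schedule, because the addresses behind a domain change over time. An allowed address on shared hosting or a CDN also serves other sites, so the rule is only as narrow as the IPs it lists.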
