HOW TO: Enable Reverse DNS Lookup for IIS (297795)


The information in this article applies to:

  • Microsoft Internet Information Server 4.0
  • Microsoft Internet Information Services 5.0
  • Microsoft Internet Information Services version 5.1
  • Microsoft Internet Information Services version 6.0
This article was previously published under Q297795
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx

IMPORTANT: This article contains information about editing the metabase. Before you edit the metabase, verify that you have a backup copy that you can restore if a problem occurs. For information about how to do this, see the "Configuration Backup/Restore" Help topic in Microsoft Management Console (MMC).

IN THIS TASK

SUMMARY

This step-by-step article demonstrates how to enable reverse Domain Name System (DNS) lookup for Internet Information Services (IIS).

back to the top

Enable Reverse DNS Lookup

WARNING: If you edit the metabase incorrectly, you can cause serious problems that may require you to reinstall any product that uses the metabase. Microsoft cannot guarantee that problems that result if you incorrectly edit the metabase can be solved. Edit the metabase at your own risk.

NOTE: Always back up the metabase before you edit it.

To enable reverse DNS lookup on IIS versions 4.0 and later, the EnableReverseDNS metabase entry must be set to TRUE.

When the EnableReverseDNS metabase entry is set to TRUE, the IP address of each Web client that connects to the IIS server is resolved to a DNS name, and the DNS name instead of the Web client IP address is placed in the IIS log files. Enabling reverse DNS also affects what CGI and ISAPI extensions see as a value of the RemoteHost variable.

For additional information about how to back up the registry, click the article number below to view the article in the Microsoft Knowledge Base:

300672 HOW TO: Create a Metabase Backup in IIS 5

back to the top

IIS 4.0

  1. Open a command prompt.
  2. Change the folder to %systemroot%\Inetsrv\Adminsamples.
  3. Type adsutil set w3svc/EnableReverseDNS TRUE, and then press ENTER.
back to the top

IIS 5.0 and Later

  1. Open a command prompt.
  2. Change the folder to C:\Inetpub\Adminscripts.
  3. Type adsutil set w3svc/EnableReverseDNS TRUE, and then press ENTER.
back to the top

Warnings

Enabling reverse DNS on your IIS server can affect the performance of your Web server and DNS servers. Some examples are:
  • Resources such as CPU utilization and network bandwidth may be taken up.
  • Client requests can take longer to process.
  • Client requests can be blocked if IP restrictions by DNS domain names are used.
back to the top

REFERENCES

For additional information about performing reverse DNS lookup, click the article numbers below to view the articles in the Microsoft Knowledge Base:

245574 HOWTO: Configure REMOTE_HOST to Perform a Reverse DNS Lookup in IIS

227943 How Internet Information Services (IIS) Handles Reverse Lookup Failures

For additional information about restricting site access by IP address or domain name, click the article number below to view the article in the Microsoft Knowledge Base:

324066 HOW TO: Restrict Site Access by IP Address or Domain Name

back to the top
Modification Type:MinorLast Reviewed:6/23/2005
Keywords:kbHOWTOmaster KB297795
©2004 Microsoft Corporation. All rights reserved.