Block port 80 using Windows PowerShell


  1. Open Windows PowerShell as Administrator
  2. Type the following commandNew-NetFirewallRule -DisplayName “Block Inbound Port 80” -Direction Inbound -LocalPort 80 -Protocol TCP -Action Block

As an extra precaution, you can also block outbound traffic on port 80 as well using the following command

New-NetFirewallRule -DisplayName “Block Outbound Port 80” -Direction Outbound -LocalPort 80 -Protocol TCP -Action Block


How to force IIS websites to use SSL

  1. Open IIS Manager UI.
  2. Expand the Web Sites in the Connections pane and select the Web site.
  3. In the Features View, double click on the “SSL Settings”.
  4. You will see the check box to force SSL on this website and click on “Apply” in the Actions pane.


Select the Client certificates options at your need of the website. That’s it. We now force the HTTPS browsing for that website. Now, if the user tries to browse the website over HTTP, he will be getting 403.4 Forbidden error message.

This however, will only work if you have a binding for SSL for that particular site.  To adding the bindings for SSL for a site please perform the following:

  1. In Internet Information Services (IIS) Manager, under Connections, expand your server’s name, expand Sites, and then select the website on which you want to install the SSL Certificate.
  2. In the Actions menu, under Edit Site, click Bindings
  3. In the Site Bindings window, click Add.
  4. In the Add Site Binding window, enter the following information:

In the drop-down list, select https.

IP address:
In the drop-down list, select All unassigned.

Enter 443, unless you are using a non-standard port for SSL traffic.
SSL certificate:
In the drop-down list, select the recently imported SSL Certificate by its friendly name

  1. Click OK.

Your SSL Certificate should now be installed to your IIS website.


How to disable SSL 2.0, 3.0 and TLS 1.0 on Windows 2016 Server


To disable SSL 2.0 and SSL 3.0, simply paste the following into an elevated (run as Administrator) PowerShell window:

New-Item ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server’ -Force

New-ItemProperty -path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server’ -name Enabled -value 0 –PropertyType DWORD

For SSL 3.0 run the following:

New-Item ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server’ -Force

New-ItemProperty -path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server’ -name Enabled -value 0 –PropertyType DWORD


You should then enable TLS 1.1 and TLS 1.2:

New-Item ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server’ -Force

New-Item ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client’ -Force

New-ItemProperty -path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server’ -name ‘Enabled’ -value ‘0xffffffff’ –PropertyType DWORD

New-ItemProperty -path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Server’ -name ‘DisabledByDefault’ -value 0 –PropertyType DWORD

New-ItemProperty -path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client’ -name ‘Enabled’ -value 1 –PropertyType DWORD

New-ItemProperty -path ‘HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client’ -name ‘DisabledByDefault’ -value 0 –PropertyType DWORD

Disable TLS 1.0


New-Item “HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\PROTOCOLS” –Name “TLS 1.0”

New-Item “HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\PROTOCOLS\TLS 1.0” –Name SERVER

New-ItemProperty “HKLM:\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\PROTOCOLS\TLS 1.0\SERVER” –Name Enabled –Value 0 –Type DWORD

Contact Us

Please leave us a message and a representative will contact you shortly. You can also call toll-free (877) ITECS 10 or our local number at (214) 744-3354

Not readable? Change text. captcha txt