We were trying to add IP addresses to Inbound rules of Windows 2012 firewall to a ban list to stop hackers from accessing the remote desktop. This system is a dedicated hosting server and is only accessible through remote desktop.
Accidentally, Block All IP rule was implemented. This resulted in closing of all connections. Godaddy restored the access by disabling firewall services.
How do I delete the rule with firewall services disabled? Netsh and powershell do not work, both need firewall services to be active.
But if I activate firewall, the rule kicks in and disables my access to the remote server.
Please kindly help.
答案1
Windows Firewall rules are stored in the Registry at:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
Find the registry value corresponding to your "Block all IP" rule and delete it.
Note that Windows Firewall already blocks all incoming connections unless a rule explicitly allows them, so having a 'deny' rule is redundant.