Help needed with settings iis


These are my settings for iis

Global rule:
source adres: any
destination adres: ip computer
source port: any
destination port: HTTP ports

Application rule: http.sys
source adres: any
destination adres: ip computer
source port: any
destination port: HTTP ports

Comodo firewall keeps blocking these ports!
What am i doing wrong?
Ports are forwarded to ip of my computer.
It worked fine with the previous version but after upgrading to the latest version firewall blocks all incoming traffic to ports 80 and 443


I’m experiencing the exact same problem. I’m running an IIS WebDav Server on Port 443 on an uptodate Windows 8.1 system, cannot get through to the server when Comodo Firewall 7.0.317799.4142 is enabled with Custom Ruleset. Windows Firewall is disabled all times.
It worked some time before, although I don’t know which Comodo version it was.
I tried your suggested settings, they don’t solve this problem for me unfortunately.
It only works as soon as I disable Comodo Firewall.
Are we missing something? Some special (new) configuration option?
Also note that no event is showing up in the Firewall Logs at all…

Help would be appreciated.
Kind regards

What’s showing in the logs? You also should be getting pop-ups.

Unsolicited inbound TCP is initially screened at the perimeter; a global rule is necessary to allow it off the NIC. The system gatekeeper, SYSTEM, interdicts unsolicited inbound IP unless explicitly allowed. HTTP.sys is the kernel mode driver that serves as an endpoint for your web server.

At each point, unless explicitly permitted, CIS will deny access attempt and swear at the host admin-type at being bothered by the bloody intrusion.

BTW: don’t forget to enable outbound ICMP as appropriate in ‘Windows Operating System’ ruleset (per IANA RFC mandatory requirements).

Thanks for your quick help!

The firewall logs (the ones available via Comodo GUI) were empty, no event regarding blocking anything showed up.
Meanwhile I was able to sort of solve this problem (for now), a simple restart of my machine did it…
Now it’s working again flawlessly, even without the additional 2 rules mentioned by the OP.
It’s curious though why I had to restart my machine, I rarely do it, but instead send my PC to sleep (S4) most times. Maybe the constant sleep/wake-up actions “confused” Comodo Firewall somehow? I don’t know…
Also, I do remember a Comodo popup regarding IIS/Webdav access when I first setup and tested IIS, I’ve allowed access of course.

Anyway, thanks again for your help! I wish you a good day!

Ensure logging and alerts are enabled; either, or both, can be disabled. The former is way more important than the latter.

I am experiencing the exact same frustrating issue. I have Windows 8.1 and Comodo Firewall 7.0 and I’m running a webserver (screenconnect remote desktop) on port 80 and 443. I simply cannot get any default firewall rules or custom rules to allow traffic through on port 80. As soon as I disable firewall, the traffic comes through. Windows firewall is disabled, ports properly forwarded on router. Logging is on, and no firewall event is logged or triggered when it blocks port 80. I’ve checked the checkbox to “Log as Firewall Event if this rule fired”, and none of the existing or new rules will fire for when it blocks port 80. I’ve checked the PID for what is listening to port 80, and it’s SYSTEM. So I edited the custom rule for SYSTEM and allowed the HTTP port set, and it still blocks it with no logging. Is this blocking of port 80 a “feature” or a “bug” with v7.0.317799.4142?

I’m going to assume that this is in regards to ScreenConnect Server? Please correct if I assume incorrectly.

Going through their setup wiki the server requires listening on TCP 8040 and 8041 by default, makes no mention of 80 or 443, unless their using the same firewall punching technique as Teamviewer to trick firewalls into allowing the traffic without it being specifically forwarded.

You’ll need to make global rules allowing incoming TCP requests on 8040-8041, as well as application rules for the listening host process. As I’ve never used ScreenConnect I don’t know what that is.