Hi all,
I run a web server with a number of sites hosted on it. I have recently installed MalwareBytes and it keeps logging a number of ip addresses of malicious websites attempting to connect to my server. Although I believe that MalwareBytes is stopping such connections from doing any harm, I have, nevertheless, added the IP address's range to a blocking inbound rule on the web server's native firewall (Windows Server 2012). Despite this, MB keeps bringing up alerts of access attempts from the same IP addresses. Isn't the firewall supposed to block the connection before it even gets to the point where it is detected by MB? The firewall's rules appear to be working because when I added a friend's IP address to a rule, she could not access any of the sites on the server until I removed her IP again.
Thank you