Friday, February 20, 2015

Windows Firewall IP Scope Limit is 1000 Entries

1,000 ENTRIES IS THE MAX WINDOWS FIREWALL RULES WILL ACCEPT.

For the longest time, we've been building in-house security tools to keep bad actors out of our Apache, or at the very least, keep them from banging on our ports. One of the C# tools we built does a regex search in Apache's logs and, if it sees something fishy, automatically adds the source IP to the Windows Firewall via an inbound rule for ports 80 and 443 that we created called "Block Apache Punks". (It used to have a very R-rated name before. They made me change it. Use your imagination.) Here's what it normally looks like when you're making an individual IP entry:


And then when you hit OK, it'll appear that it's taking it, but when you hit Apply on your rule, you will see the error "The array bounds are invalid." and it will NOT accept your entry, because you've hit the limit. Which is dumb. It's 2015. Why is this happening?




We never looked it up, but had heard there was a limit to the number of IPs and CIDR addresses you could add to this list ... well, we found out last week what that number is: it's 1,000, like the big fat text above.
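A sketch of the log-to-scope step with the 1,000-entry limit checked before anything is applied. This is an added example, not the author's C# tool. The log lines, the "fishy" regex and the numbered rule names are assumptions, as is the reading that the limit applies to each rule's scope list separately.

```python
import ipaddress
import re

SCOPE_LIMIT = 1000  # per-rule scope limit reported in this post

# Constructed Apache access-log lines, for illustration only.
SAMPLE_LOG = """\
203.0.113.4 - - [20/Feb/2015:10:01:02 -0500] "GET /wp-login.php HTTP/1.1" 404 209
203.0.113.5 - - [20/Feb/2015:10:01:03 -0500] "GET /phpmyadmin/ HTTP/1.1" 404 209
198.51.100.7 - - [20/Feb/2015:10:01:04 -0500] "GET /index.html HTTP/1.1" 200 5120
203.0.113.4 - - [20/Feb/2015:10:01:05 -0500] "GET /wp-login.php HTTP/1.1" 404 209
"""

# Hypothetical "fishy request" pattern; the post does not show the real one.
SUSPICIOUS = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) /(?:wp-login\.php|phpmyadmin)')

def suspicious_ips(log_text):
    """Return the set of client IPs whose request line matches SUSPICIOUS."""
    found = set()
    for line in log_text.splitlines():
        m = SUSPICIOUS.match(line)
        if not m:
            continue
        try:
            found.add(ipaddress.ip_address(m.group(1)))
        except ValueError:
            pass  # first field was a hostname or garbage; skip it
    return found

def plan_rules(addresses, base_name="Block Apache Punks", limit=SCOPE_LIMIT):
    """Merge addresses into exact CIDR blocks, then split into rules of <= limit."""
    nets = {4: [], 6: []}
    for a in addresses:
        nets[a.version].append(ipaddress.ip_network(str(a)))
    # collapse_addresses only merges blocks that are fully covered, so
    # nothing outside the original address set ends up blocked.
    merged = (list(ipaddress.collapse_addresses(nets[4])) +
              list(ipaddress.collapse_addresses(nets[6])))
    entries = [str(n.network_address) if n.num_addresses == 1 else str(n)
               for n in merged]
    # Numbered rule names are a naming assumption, not the author's scheme.
    return [(f"{base_name} {i // limit + 1}", entries[i:i + limit])
            for i in range(0, len(entries), limit)]

if __name__ == "__main__":
    for name, scope in plan_rules(suspicious_ips(SAMPLE_LOG)):
        print(name, len(scope), ",".join(scope))
```

Each returned pair is a rule name and the remote-address entries for that rule's scope, so no single rule is ever handed more than 1,000 entries.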


Hopefully, you'll come across this from a Google search and realize you NEED to move to something with much, much more flexibility in your OpSec plan for keeping out the bad guys. As I type this, we're moving to Apache mod_security with about 20 rules already and the ability to add infinite IPs if we need to. Something we should have done a long, long time ago.
