I would like to have a secure server, so why not block all unknown file extensions? I can easily achieve that by setting allowUnlisted to false in applicationHost.config file on <system.webServer\requestFiltering\fileExtensions> tag.

But why I cannot access my site via http://(server_name)/! Why the rule starts to block default document?

The single DOT can save you again. Simply create a new rule under <fileExtensions> tag like this,

<add fileExtension="." allowed="true" />

And you are done.