zoukankan      html  css  js  c++  java
  • An IP Address Blocking HttpModule for ASP.NET

    I'm sure this has been done before, but it was faster to write it than to google for it. There's some IP Addresses that have been bothering me and I don't have access to a firewall or IIS at my ISP, so...

    I can upload a text file called blockedips.txt to my site and the changes happen immediately.

        9 namespace YourModuleNameHere
       10 {
       11     public class IPBlackList : IHttpModule
       12     {
       13         private EventHandler onBeginRequest;
       14 
       15         public IPBlackList()
       16         {
       17             onBeginRequest = new EventHandler(this.HandleBeginRequest);
       18         }
       19 
       20         void IHttpModule.Dispose()
       21         {
       22         }
       23 
       24         void IHttpModule.Init(HttpApplication context)
       25         {
       26             context.BeginRequest += onBeginRequest;
       27         }
       28 
       29         const string BLOCKEDIPSKEY = "blockedips";
       30         const string BLOCKEDIPSFILE = "SiteConfig/blockedips.config";
       31 
       32         public static StringDictionary GetBlockedIPs(HttpContext context)
       33         {
       34             StringDictionary ips = (StringDictionary)context.Cache[BLOCKEDIPSKEY ];
       35             if (ips == null)
       36             {
       37                 ips = GetBlockedIPs(GetBlockedIPsFilePathFromCurrentContext(context));
       38                 context.Cache.Insert(BLOCKEDIPSKEY , ips, new CacheDependency(GetBlockedIPsFilePathFromCurrentContext(context)));
       39             }
       40             return ips;
       41         }
       42 
       43         private static string BlockedIPFileName = null;
       44         private static object blockedIPFileNameObject = new object();
       45         public static string GetBlockedIPsFilePathFromCurrentContext(HttpContext context)
       46         {
       47             if (BlockedIPFileName != null)
       48                 return BlockedIPFileName;
       49             lock(blockedIPFileNameObject)
       50             {
       51                 if (BlockedIPFileName == null)
       52                 {
       53                     BlockedIPFileName = context.Server.MapPath(BLOCKEDIPSFILE);
       54                 }
       55             }
       56             return BlockedIPFileName;
       57         }
       58 
       59         public static StringDictionary GetBlockedIPs(string configPath)
       60         {
       61             StringDictionary retval = new StringDictionary();
       62             using (StreamReader sr = new StreamReader(configPath))
       63             {
       64                 String line;
       65                 while ((line = sr.ReadLine()) != null)
       66                 {
       67                     line = line.Trim();
       68                     if (line.Length != 0)
       69                     {
       70                         retval.Add(line, null);
       71                     }
       72                 }
       73             }
       74             return retval;
       75         }
       76 
       77         private void HandleBeginRequest( object sender, EventArgs evargs )
       78         {
       79             HttpApplication app = sender as HttpApplication;
       80 
       81             if ( app != null )
       82             {
       83                 string IPAddr = app.Context.Request.ServerVariables["REMOTE_ADDR"];
       84                 if (IPAddr == null || IPAddr.Length == 0)
       85                 {
       86                     return;
       87                 }
       88 
       89                 StringDictionary badIPs = GetBlockedIPs(app.Context);
       90                 if (badIPs != null && badIPs.ContainsKey(IPAddr))
       91                 {
       92                     app.Context.Response.StatusCode = 404;
       93                     app.Context.Response.SuppressContent = true;
       94                     app.Context.Response.End();
       95                     return;
       96                 }
       97             }
       98         }
       99     }
      100 }

    And in your web.config:

       42 <system.web>
       43    <httpModules>
       44         <add type="YourModuleNameHere.IPBlackList, YourAssemblyNameHere"
       45             name="IPBlackList" />
       46    </httpModules>
       47 </system.web>
    using System;
    using System.Collections.Generic;
    using System.Text;
    using System.Web;
    using System.Web.SessionState;

    namespace StateWall
    {
    public class StateShield : IHttpModule
    {
      public void Init(HttpApplication ctx)
      {
    ctx.PreRequestHandlerExecute += new EventHandler(RunSessionRules);
      }

      public void Dispose(){}

      private void RunSessionRules(object sender, EventArgs e)
      {
       HttpContext ctx = HttpContext.Current;
       HttpSessionState session = ctx.Session;
         
       if (ctx.Request.Url.LocalPath == "/logout.aspx")
       {
         session.RemoveAll();
         ctx.Response.Write("All session variables are flushed out!");
         ctx.Response.End();
       }
       if (ctx.Request.Url.LocalPath != "/login.aspx")
       {
         int flag = 0;
         foreach (string key in session.Keys)
         {
          if (key.ToString() == "login")
          {
           if (session[key].ToString() == "successful")
           {
             flag = 1;
           }
          }
         }
         if (flag == 0)
         {
          ctx.Response.Write("Unauthorized access without session.");
          ctx.Response.End();
         }
       }       
      }
    }
    }
  • 相关阅读:
    python基础之字符串和字节的转换
    python学习笔记(三)字符串方法、读写文件、json处理以及函数
    python学习笔记(二):list,字典,字符串,元组,文件
    python学习笔记(一):python入门
    接口测试:jmeter学习笔记:数据库操作和压测
    接口测试:postman和jmeter随记
    设计模式之建造者模式
    设计模式之外观模式
    设计模式之模板模式
    设计模式之原型模式
  • 原文地址:https://www.cnblogs.com/Safe3/p/1487507.html
Copyright © 2011-2022 走看看