zoukankan      html  css  js  c++  java
  • An IP Address Blocking HttpModule for ASP.NET

    I'm sure this has been done before, but it was faster to write it than to google for it. There's some IP Addresses that have been bothering me and I don't have access to a firewall or IIS at my ISP, so...

    I can upload a text file called blockedips.txt to my site and the changes happen immediately.

        9 namespace YourModuleNameHere
       10 {
       11     public class IPBlackList : IHttpModule
       12     {
       13         private EventHandler onBeginRequest;
       14 
       15         public IPBlackList()
       16         {
       17             onBeginRequest = new EventHandler(this.HandleBeginRequest);
       18         }
       19 
       20         void IHttpModule.Dispose()
       21         {
       22         }
       23 
       24         void IHttpModule.Init(HttpApplication context)
       25         {
       26             context.BeginRequest += onBeginRequest;
       27         }
       28 
       29         const string BLOCKEDIPSKEY = "blockedips";
       30         const string BLOCKEDIPSFILE = "SiteConfig/blockedips.config";
       31 
       32         public static StringDictionary GetBlockedIPs(HttpContext context)
       33         {
       34             StringDictionary ips = (StringDictionary)context.Cache[BLOCKEDIPSKEY ];
       35             if (ips == null)
       36             {
       37                 ips = GetBlockedIPs(GetBlockedIPsFilePathFromCurrentContext(context));
       38                 context.Cache.Insert(BLOCKEDIPSKEY , ips, new CacheDependency(GetBlockedIPsFilePathFromCurrentContext(context)));
       39             }
       40             return ips;
       41         }
       42 
       43         private static string BlockedIPFileName = null;
       44         private static object blockedIPFileNameObject = new object();
       45         public static string GetBlockedIPsFilePathFromCurrentContext(HttpContext context)
       46         {
       47             if (BlockedIPFileName != null)
       48                 return BlockedIPFileName;
       49             lock(blockedIPFileNameObject)
       50             {
       51                 if (BlockedIPFileName == null)
       52                 {
       53                     BlockedIPFileName = context.Server.MapPath(BLOCKEDIPSFILE);
       54                 }
       55             }
       56             return BlockedIPFileName;
       57         }
       58 
       59         public static StringDictionary GetBlockedIPs(string configPath)
       60         {
       61             StringDictionary retval = new StringDictionary();
       62             using (StreamReader sr = new StreamReader(configPath))
       63             {
       64                 String line;
       65                 while ((line = sr.ReadLine()) != null)
       66                 {
       67                     line = line.Trim();
       68                     if (line.Length != 0)
       69                     {
       70                         retval.Add(line, null);
       71                     }
       72                 }
       73             }
       74             return retval;
       75         }
       76 
       77         private void HandleBeginRequest( object sender, EventArgs evargs )
       78         {
       79             HttpApplication app = sender as HttpApplication;
       80 
       81             if ( app != null )
       82             {
       83                 string IPAddr = app.Context.Request.ServerVariables["REMOTE_ADDR"];
       84                 if (IPAddr == null || IPAddr.Length == 0)
       85                 {
       86                     return;
       87                 }
       88 
       89                 StringDictionary badIPs = GetBlockedIPs(app.Context);
       90                 if (badIPs != null && badIPs.ContainsKey(IPAddr))
       91                 {
       92                     app.Context.Response.StatusCode = 404;
       93                     app.Context.Response.SuppressContent = true;
       94                     app.Context.Response.End();
       95                     return;
       96                 }
       97             }
       98         }
       99     }
      100 }

    And in your web.config:

       42 <system.web>
       43    <httpModules>
       44         <add type="YourModuleNameHere.IPBlackList, YourAssemblyNameHere"
       45             name="IPBlackList" />
       46    </httpModules>
       47 </system.web>
    using System;
    using System.Collections.Generic;
    using System.Text;
    using System.Web;
    using System.Web.SessionState;

    namespace StateWall
    {
    public class StateShield : IHttpModule
    {
      public void Init(HttpApplication ctx)
      {
    ctx.PreRequestHandlerExecute += new EventHandler(RunSessionRules);
      }

      public void Dispose(){}

      private void RunSessionRules(object sender, EventArgs e)
      {
       HttpContext ctx = HttpContext.Current;
       HttpSessionState session = ctx.Session;
         
       if (ctx.Request.Url.LocalPath == "/logout.aspx")
       {
         session.RemoveAll();
         ctx.Response.Write("All session variables are flushed out!");
         ctx.Response.End();
       }
       if (ctx.Request.Url.LocalPath != "/login.aspx")
       {
         int flag = 0;
         foreach (string key in session.Keys)
         {
          if (key.ToString() == "login")
          {
           if (session[key].ToString() == "successful")
           {
             flag = 1;
           }
          }
         }
         if (flag == 0)
         {
          ctx.Response.Write("Unauthorized access without session.");
          ctx.Response.End();
         }
       }       
      }
    }
    }
  • 相关阅读:
    学习笔记——Maven实战(九)打包的技巧
    学习笔记——Maven实战(八)常用Maven插件介绍(下)
    学习笔记——Maven实战(七)常用Maven插件介绍(上)
    学习笔记——Maven实战(六)Gradle,构建工具的未来?
    学习笔记——Maven实战(五)自动化Web应用集成测试
    在Google的GKE上创建支持Internal Load Balancer的Service
    Bash命令查找本机公网IP
    Google Cloud IAM中添加自定义域名
    Debian上启用Apache2服务
    Google Cloud VM上在线扩硬盘
  • 原文地址:https://www.cnblogs.com/Safe3/p/1487507.html
Copyright © 2011-2022 走看看