zoukankan      html  css  js  c++  java
  • An IP Address Blocking HttpModule for ASP.NET

    I'm sure this has been done before, but it was faster to write it than to google for it. There's some IP Addresses that have been bothering me and I don't have access to a firewall or IIS at my ISP, so...

    I can upload a text file called blockedips.txt to my site and the changes happen immediately.

        9 namespace YourModuleNameHere
       10 {
       11     public class IPBlackList : IHttpModule
       12     {
       13         private EventHandler onBeginRequest;
       14 
       15         public IPBlackList()
       16         {
       17             onBeginRequest = new EventHandler(this.HandleBeginRequest);
       18         }
       19 
       20         void IHttpModule.Dispose()
       21         {
       22         }
       23 
       24         void IHttpModule.Init(HttpApplication context)
       25         {
       26             context.BeginRequest += onBeginRequest;
       27         }
       28 
       29         const string BLOCKEDIPSKEY = "blockedips";
       30         const string BLOCKEDIPSFILE = "SiteConfig/blockedips.config";
       31 
       32         public static StringDictionary GetBlockedIPs(HttpContext context)
       33         {
       34             StringDictionary ips = (StringDictionary)context.Cache[BLOCKEDIPSKEY ];
       35             if (ips == null)
       36             {
       37                 ips = GetBlockedIPs(GetBlockedIPsFilePathFromCurrentContext(context));
       38                 context.Cache.Insert(BLOCKEDIPSKEY , ips, new CacheDependency(GetBlockedIPsFilePathFromCurrentContext(context)));
       39             }
       40             return ips;
       41         }
       42 
       43         private static string BlockedIPFileName = null;
       44         private static object blockedIPFileNameObject = new object();
       45         public static string GetBlockedIPsFilePathFromCurrentContext(HttpContext context)
       46         {
       47             if (BlockedIPFileName != null)
       48                 return BlockedIPFileName;
       49             lock(blockedIPFileNameObject)
       50             {
       51                 if (BlockedIPFileName == null)
       52                 {
       53                     BlockedIPFileName = context.Server.MapPath(BLOCKEDIPSFILE);
       54                 }
       55             }
       56             return BlockedIPFileName;
       57         }
       58 
       59         public static StringDictionary GetBlockedIPs(string configPath)
       60         {
       61             StringDictionary retval = new StringDictionary();
       62             using (StreamReader sr = new StreamReader(configPath))
       63             {
       64                 String line;
       65                 while ((line = sr.ReadLine()) != null)
       66                 {
       67                     line = line.Trim();
       68                     if (line.Length != 0)
       69                     {
       70                         retval.Add(line, null);
       71                     }
       72                 }
       73             }
       74             return retval;
       75         }
       76 
       77         private void HandleBeginRequest( object sender, EventArgs evargs )
       78         {
       79             HttpApplication app = sender as HttpApplication;
       80 
       81             if ( app != null )
       82             {
       83                 string IPAddr = app.Context.Request.ServerVariables["REMOTE_ADDR"];
       84                 if (IPAddr == null || IPAddr.Length == 0)
       85                 {
       86                     return;
       87                 }
       88 
       89                 StringDictionary badIPs = GetBlockedIPs(app.Context);
       90                 if (badIPs != null && badIPs.ContainsKey(IPAddr))
       91                 {
       92                     app.Context.Response.StatusCode = 404;
       93                     app.Context.Response.SuppressContent = true;
       94                     app.Context.Response.End();
       95                     return;
       96                 }
       97             }
       98         }
       99     }
      100 }

    And in your web.config:

       42 <system.web>
       43    <httpModules>
       44         <add type="YourModuleNameHere.IPBlackList, YourAssemblyNameHere"
       45             name="IPBlackList" />
       46    </httpModules>
       47 </system.web>
    using System;
    using System.Collections.Generic;
    using System.Text;
    using System.Web;
    using System.Web.SessionState;

    namespace StateWall
    {
    public class StateShield : IHttpModule
    {
      public void Init(HttpApplication ctx)
      {
    ctx.PreRequestHandlerExecute += new EventHandler(RunSessionRules);
      }

      public void Dispose(){}

      private void RunSessionRules(object sender, EventArgs e)
      {
       HttpContext ctx = HttpContext.Current;
       HttpSessionState session = ctx.Session;
         
       if (ctx.Request.Url.LocalPath == "/logout.aspx")
       {
         session.RemoveAll();
         ctx.Response.Write("All session variables are flushed out!");
         ctx.Response.End();
       }
       if (ctx.Request.Url.LocalPath != "/login.aspx")
       {
         int flag = 0;
         foreach (string key in session.Keys)
         {
          if (key.ToString() == "login")
          {
           if (session[key].ToString() == "successful")
           {
             flag = 1;
           }
          }
         }
         if (flag == 0)
         {
          ctx.Response.Write("Unauthorized access without session.");
          ctx.Response.End();
         }
       }       
      }
    }
    }
  • 相关阅读:
    HDU 1789 Doing Homework again(馋)
    Understanding and Using HRMS Security in Oracle HRMS
    BZOJ 1003 ZJOI2006 物流运输trans 动态规划+SPFA
    oracle常规任务
    征服OA 飞鱼工作流程的在线培训课程(两)HTML形成基于
    《iOS8 Swift编程指南》类书图像
    js css 实现简单的计算器
    Android四个基本组件(2)之Service 服务与Content Provider内容提供商
    Unity UGUI——Rect Transform包裹(Anchor Presets)
    NYOJ 1076 计划数(公式 要么 递归)
  • 原文地址:https://www.cnblogs.com/Safe3/p/1487507.html
Copyright © 2011-2022 走看看