iis 限制动态IP地址访问次数

An IP Address Blocking HttpModule for ASP.NET in 9 minutes

namespace YourModuleNameHere
10 {
11 public class IPBlackList : IHttpModule
12 {
13 private EventHandler onBeginRequest;
14
15 public IPBlackList()
16 {
17 onBeginRequest = new EventHandler(this.HandleBeginRequest);
18 }
19
20 void IHttpModule.Dispose()
21 {
22 }
23
24 void IHttpModule.Init(HttpApplication context)
25 {
26 context.BeginRequest += onBeginRequest;
27 }
28
29 const string BLOCKEDIPSKEY = "blockedips";
30 const string BLOCKEDIPSFILE = "SiteConfig/blockedips.config";
31
32 public static StringDictionary GetBlockedIPs(HttpContext context)
33 {
34 StringDictionary ips = (StringDictionary)context.Cache[BLOCKEDIPSKEY ];
35 if (ips == null)
36 {
37 ips = GetBlockedIPs(GetBlockedIPsFilePathFromCurrentContext(context));
38 context.Cache.Insert(BLOCKEDIPSKEY , ips, new CacheDependency(GetBlockedIPsFilePathFromCurrentContext(context)));
39 }
40 return ips;
41 }
42
43 private static string BlockedIPFileName = null;
44 private static object blockedIPFileNameObject = new object();
45 public static string GetBlockedIPsFilePathFromCurrentContext(HttpContext context)
46 {
47 if (BlockedIPFileName != null)
48 return BlockedIPFileName;
49 lock(blockedIPFileNameObject)
50 {
51 if (BlockedIPFileName == null)
52 {
53 BlockedIPFileName = context.Server.MapPath(BLOCKEDIPSFILE);
54 }
55 }
56 return BlockedIPFileName;
57 }
58
59 public static StringDictionary GetBlockedIPs(string configPath)
60 {
61 StringDictionary retval = new StringDictionary();
62 using (StreamReader sr = new StreamReader(configPath))
63 {
64 String line;
65 while ((line = sr.ReadLine()) != null)
66 {
67 line = line.Trim();
68 if (line.Length != 0)
69 {
70 retval.Add(line, null);
71 }
72 }
73 }
74 return retval;
75 }
76
77 private void HandleBeginRequest( object sender, EventArgs evargs )
78 {
79 HttpApplication app = sender as HttpApplication;
80
81 if ( app != null )
82 {
83 string IPAddr = app.Context.Request.ServerVariables["REMOTE_ADDR"];
84 if (IPAddr == null || IPAddr.Length == 0)
85 {
86 return;
87 }
88
89 StringDictionary badIPs = GetBlockedIPs(app.Context);
90 if (badIPs != null && badIPs.ContainsKey(IPAddr))
91 {
92 app.Context.Response.StatusCode = 404;
93 app.Context.Response.SuppressContent = true;
94 app.Context.Response.End();
95 return;
96 }
97 }
98 }
99 }
100 }

And in your web.config:

42 <system.web>
43 <httpModules>
44 <add type="YourModuleNameHere.IPBlackList, YourAssemblyNameHere"
45 name="IPBlackList" />
46 </httpModules>
47 </system.web>
No warrenty, express or implied. If it sucks or has bugs/security holes, let me know as it's 9 minutes work.

上一篇:迅雷创始人程浩:创业公司5招做好内部创新(组建小型敢死队:一共3个人,一个产品经理,两个研发;腾讯做不做这个项目是一个伪命题;让用户来验证,而不是相反 good)


下一篇:在做公司项目是时,昨天晚上还好的,但是第二天启动tomcat发现tomcat启动了,但是没把项目启动起来