在我的应用程序中,我想将请求限制在我网站的登录页面以由服务器处理,如果请求增加了特定数量,则 IIS 应该阻止该 IP 地址一段时间。我已经完成了 IIS 的“IP 地址和域限制”功能,但是如果请求是针对登录页面而不是针对我网站上的任何其他页面和操作,我想阻止该请求。我们如何使用 IIS 实现这一目标?
最佳答案
IIS IP 限制只能用于站点级别。您无法为特定 Controller 或文件夹设置动态 IP 限制。
所以建议改用自定义httpmodule。您可以向此代码添加过滤器,以便 httpmodule 仅对登录页面的命中数进行身份验证。
CS1
public class UrlReWrite : IHttpModule
{
private int rowCount = Convert.ToInt32(ConfigurationManager.AppSettings["HttpRowCount"]);
private int httpTime = Convert.ToInt32(ConfigurationManager.AppSettings["HttpTime"]);
public void Init(HttpApplication application)
{
application.BeginRequest += (new
EventHandler(this.Application_BeginRequest));
application.EndRequest += (new
EventHandler(this.Application_EndRequest));
}
private void Application_BeginRequest(Object source, EventArgs e)
{
HttpApplication Application = (HttpApplication)source;
HttpContext ctx = Application.Context;
string isIp = ctx.Request.UserHostAddress;
if (ctx.Application["time"] == null)
{
ctx.Application["time"] = DateTime.Now;
}
else
{
DateTime isTime = (DateTime)ctx.Application["time"];
int timeTract = Convert.ToInt32(DateTime.Now.Subtract(isTime).Minutes.ToString());
if (timeTract > (httpTime - 1))
{
ctx.Application["time"] = null;
ctx.Application["myip"] = null;
}
}
if (ctx.Application["myip"] != null && ctx.Application["myip"] is CartIp)
{
CartIp cartIp = (CartIp)ctx.Application["myip"];
cartIp.Insert(isIp);
ctx.Application["myip"] = cartIp;
if (cartIp.GetCount(isIp) > rowCount)
{
ctx.Response.Clear();
ctx.Response.Close();
}
}
else
{
CartIp cartIp = new CartIp();
cartIp.Insert(isIp);
HttpContext.Current.Application["myip"] = cartIp;
}
}
private void Application_EndRequest(Object source, EventArgs e)
{
}
public void Dispose()
{
}
}
}
class2.cs
[Serializable]
public class ListIp
{
private string ip;
private int count;
public string IP
{
get { return ip; }
set { ip = value; }
}
public int Count
{
get { return count; }
set { count = value; }
}
}
[Serializable]
public class CartIp
{
public CartIp()
{
if (_listIp == null)
{
_listIp = new List<ListIp>();
}
}
private List<ListIp> _listIp;
public List<ListIp> _ListIp
{
get { return _listIp; }
set { _listIp = value; }
}
public void Insert(string ip)
{
int indexof = ItemLastInfo(ip);
if (indexof == -1)
{
ListIp item = new ListIp();
item.IP = ip;
_listIp.Add(item);
}
else
{
_listIp[indexof].Count += 1;
}
}
public int ItemLastInfo(string ip)
{
int index = 0;
foreach (ListIp item in _ListIp)
{
if (item.IP == ip)
{
return index;
}
index += 1;
}
return -1;
}
/// <summary>
/// get number of IP address
/// </summary>
/// <param name="ip"></param>
/// <returns></returns>
public int GetCount(string ip)
{
foreach (ListIp item in _ListIp)
{
if (item.IP == ip)
{
return item.Count;
}
}
return -1;
}
}
网页配置
<appSettings>
<add key="HttpRowCount" value="100"/>
<add key="HttpTime" value="10"/>
</appSettings>
您只需要创建一个类库。然后复制并修改这些代码以达到您的要求。最后,需要将release dll复制到bin文件夹,通过IIS manager->site node->modules->add managed module导入。
https://www.cnblogs.com/Fooo/archive/2013/01/27/2878820.html
关于.net - 通过 url 在 IIS 中请求速率限制,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60733707/