anybody knows of blocking certain users (by IP) from accessing your website (website on asp.net mvc).
EDIT: I know that web-servers can do this as well, but I need this at the application level
+1
A:
If you want to do it at the application level you can get the users IP from Request.UserHostAddress and then do a redirect to wherever you want them to go if their IP is in a list you have saved.
Jeremy B.
2010-04-20 12:32:36
+2
A:
It's better to do this in the web server.
However, if you want to do it in code, you can handle the Application.BeginRequest event, check Request.UserHostAddress, and call Response.End.
SLaks
2010-04-20 12:33:36
Please note IPs are easily spoofed.
Nix
2010-04-20 12:35:34
@Nix: Not in this scenario, I believe. Before ASP.NET app gets a request a valid HTTP session must be initiated, and before that a TCP handshake must be complete. This won't happen with a spoofed IP.
VladV
2010-04-20 13:18:03
It is possible... (http://stackoverflow.com/questions/1835343/from-the-perspective-of-an-asp-net-web-form-can-the-request-userhostaddress-be-t)[Spoofing]
Nix
2010-04-20 13:48:17