views:

204

answers:

3

What would be the easiest way to ban a specific IP (or a range of addresses) from being able to access my publicly available web site?

Is it possible to do so using ASP.NET only, without resorting to modifying any IIS settings?

+2  A: 

You can check the Request.ServerVariables["REMOTE_ADDR"] value and if they're banned redirect them to Yahoo or something.

Spencer Ruport
+1  A: 

Indeed, Spencer Ruport's suggestion is the right way to go about it. (Not sure I would redirect to Yahoo, however: a page informing the user they have been banned would be better, with some option for contacting the web admin if the client feels they were inadvertently banned.)

I would add that it would be wise to check the *HTTP_X_FORWARDED_FOR* server variable (representing the IP forwarded by a proxy, or null if none) first, in order to avoid the issue of the IP address for the proxy (and thus potentially many other users) also being banned.

Noldorin
+4  A: 

It is easy and fast in ASP.NET using an HttpModule; just take a look at Hanselman's post: http://www.hanselman.com/blog/AnIPAddressBlockingHttpModuleForASPNETIn9Minutes.aspx

mohamadreza
This is *precisely* the kind of problem that HttpModules were designed to solve. http://msdn.microsoft.com/en-us/library/zec9k340(VS.85).aspx
Portman
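
The answers above, combined into one HttpModule as an added example (not code from this thread or from the linked post): it checks the remote address against single IPs and CIDR ranges, and honors X-Forwarded-For only when the request arrives from a known proxy, because the header is client-supplied and could otherwise be forged to evade a ban. The class name `IpBanModule`, the banned addresses and the trusted proxy address are assumptions made for illustration.

```csharp
using System.Linq;
using System.Net;
using System.Web;

public class IpBanModule : IHttpModule   // hypothetical name
{
    static readonly string[] Banned = { "203.0.113.7", "198.51.100.0/24" }; // constructed sample rules
    static readonly string[] TrustedProxies = { "10.0.0.5" };               // assumption: our own reverse proxy

    public void Init(HttpApplication app)
    {
        app.BeginRequest += (s, e) =>
        {
            var a = (HttpApplication)s;
            var client = ResolveClient(a.Request.UserHostAddress, a.Request.Headers["X-Forwarded-For"]);
            if (client == null || Banned.Any(b => Matches(client, b)))   // unparseable address: fail closed
            {
                a.Response.StatusCode = 403;
                a.Response.Write("Access denied. Contact the site administrator.");
                a.CompleteRequest();   // skip the rest of the pipeline
            }
        };
    }
    public void Dispose() { }

    // Use X-Forwarded-For only when the direct peer is a trusted proxy.
    public static IPAddress ResolveClient(string peer, string forwardedFor)
    {
        IPAddress addr;
        if (!IPAddress.TryParse(peer, out addr)) return null;
        if (forwardedFor == null || !TrustedProxies.Contains(peer)) return addr;
        var last = forwardedFor.Split(',').Last().Trim();   // rightmost entry was appended by our proxy
        return IPAddress.TryParse(last, out addr) ? addr : null;
    }

    // True when ip equals the rule address or falls inside the rule's CIDR range.
    public static bool Matches(IPAddress ip, string rule)
    {
        var parts = rule.Split('/');
        var net = IPAddress.Parse(parts[0]).GetAddressBytes();
        var bytes = ip.GetAddressBytes();
        if (net.Length != bytes.Length) return false;   // IPv4 rule vs IPv6 client, or the reverse
        int bits = parts.Length > 1 ? int.Parse(parts[1]) : net.Length * 8;
        for (int i = 0; i < net.Length && bits > 0; i++, bits -= 8)
        {
            int mask = bits >= 8 ? 0xFF : (0xFF << (8 - bits)) & 0xFF;
            if ((net[i] & mask) != (bytes[i] & mask)) return false;
        }
        return true;
    }
}
```

The module is registered in web.config (`<httpModules>` for the classic pipeline, `<system.webServer><modules>` for integrated mode), so no change in the IIS management console is needed.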