<Doctype HTML public-wcdtd XHTML stricten httpwwwworgtrxhtmldtdxhtml-strictdtd>
Web. config
<Httpmodules>
<! -URL rewriting->
<Add type = "urlrewriter. rewriterhttpmodule, urlrewriter" name = "urlrewriter"/>
<! -Anti-DDOS->
<Add type = "urlrewriter. ddosattackmodule, urlrewriter" name = "ddosattackmodule"/>
</Httpmodules>
Code:
? [Copy to clipboard] view code Java
Using system;
Using system. Web;
Using system. Collections. Generic;
Using system. Collections. Specialized;
Using system. Timers;
Namespace urlrewriter
{
/// <Summary>
/// Response to the blocked IP Address
/// </Summary>
Public class dosattackmodule: ihttpmodule
{
Void ihttpmodule. Dispose (){}
Void ihttpmodule. INIT (httpapplication context)
{
Context. beginrequest + = new eventhandler (context_beginrequest );
}
Private Static dictionary <string, short> _ ipadresses = new dictionary <string, short> ();
Private Static stack <string> _ banned = new stack <string> ();
Private Static timer _ timer = createtimer ();
Private Static timer _ bannedtimer = createbanningtimer ();
Private const int banned_requests = 1; // The maximum number of visits within the specified time
Private const int reduction_interval = 1000; // 1 second (check the period of access times)
Private const int release_interval = 5*60*1000; // 5 minutes (time period for clearing a prohibited IP address)
Private void context_beginrequest (Object sender, eventargs E)
{
String IP = httpcontext. Current. Request. userhostaddress;
If (_ banned. Contains (IP ))
{
HTTP context. Current. response. statuscode = 403;
Httpcontext. Current. response. End ();
}
Checkipaddress (IP );
}
/// <Summary>
/// Check the access IP Address
/// </Summary>
Private Static void checkipaddress (string IP)
{
If (! _ Ipadresses. containskey (IP) // if there is no record of the current IP address, set the number of visits to 1.
{
_ Ipadresses [IP] = 1;
}
Else if (_ ipadresses [IP] = banned_requests) // if the current IP address access count is equal to the maximum access count in the specified time period, it is pulled to the "Blacklist"
{
_ Banned. Push (IP );
_ Ipadresses. Remove (IP );
}
Else // Add 1 for normal access
{
_ Ipadresses [IP] ++;
}
}
# Region timers
/// <Summary>
/// Create a timer and subtract a request from _ IPaddress.
/// </Summary>
Private Static timer createtimer ()
{
Timer timer = gettimer (reduction_interval );
Timer. elapsed + = new elapsedeventhandler (timerelapsed );
Return timer;
}
/// <Summary>
/// Create a timer to remove a prohibited IP Address
/// </Summary>
/// <Returns> </returns>
Private Static timer createbanningtimer ()
{
Timer timer = gettimer (release_interval );
Timer. elapsed + = delegate {_ banned. Pop () ;}; // remove a prohibited IP Address
Return timer;
}
/// <Summary>
/// Create a timer and start it
/// </Summary>
/// <Param name = "interval"> interval in milliseconds </param>
Private Static timer gettimer (INT interval)
{
Timer timer = new timer ();
Timer. interval = interval;
Timer. Start ();
Return timer;
}
/// <Summary>
/// Subtract the request from each IP address in the Set
/// </Summary>
Private Static void timerelapsed (Object sender, elapsedeventargs E)
{
Foreach (string key in _ ipadresses. Keys)
{
_ Ipadresses [Key] --;
If (_ ipadresses [Key] = 0)
_ Ipadresses. Remove (key );
}
}
# Endregion
}
}
Reprinted Reserved: http://blog.wuaiwei.com/2011/04/02/asp-net%e9%98%b2%e7%b1%bb%e4%bc%bcddos%e6%94%bb%e5%87%bb%e4%bb%a3%e7%a0%81/
# C # column