asp.net防类似DDOS攻击(CC攻击)代码

< DOCTYPE html PUBLIC -WCDTD XHTML StrictEN httpwwwworgTRxhtmlDTDxhtml-strictdtd>

Web.config
 

 
 
 
 
 

 
 
 
代码:
 
?[Copy to clipboard]View Code JAVA

 


using System;
using System.Web;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Timers;
 
namespace UrlRewriter
{
    ///


    /// 阻止攻击IP地址的回应
    ///

    public class DosAttackModule : IHttpModule
    {
        void IHttpModule.Dispose() { }
 
        void IHttpModule.Init(HttpApplication context)
        {
            context.BeginRequest += new EventHandler(context_BeginRequest);
        }
 
        private static Dictionary _IpAdresses = new Dictionary();
        private static Stack _Banned = new Stack();
        private static Timer _Timer = CreateTimer();
        private static Timer _BannedTimer = CreateBanningTimer();
 
        private const int BANNED_REQUESTS = 1; //规定时间内访问的最大次数
        private const int REDUCTION_INTERVAL = 1000; // 1 秒(检查访问次数的时间段)
        private const int RELEASE_INTERVAL = 5 * 60 * 1000; // 5 分钟(清除一个禁止IP的时间段)
 
        private void context_BeginRequest(object sender, EventArgs e)
        {
            string ip = HttpContext.Current.Request.UserHostAddress;
            if (_Banned.Contains(ip))
            {
                HttpContext.Current.Response.StatusCode = 403;
                HttpContext.Current.Response.End();
            }
 
            CheckIpAddress(ip);
        }
 
        ///
        /// 检查访问IP
        ///

        private static void CheckIpAddress(string ip)
        {
            if (!_IpAdresses.ContainsKey(ip)) //如果没有当前访问IP的记录就将访问次数设为1
            {
                _IpAdresses[ip] = 1;
            }
            else if (_IpAdresses[ip] == BANNED_REQUESTS) //如果当前IP访问次数等于规定时间段的最大访问次数就拉于“黑名单”
            {
                _Banned.Push(ip);
                _IpAdresses.Remove(ip);
            }
            else //正常访问就加次数 1
            {
                _IpAdresses[ip]++;
            }
        }
 
        #region Timers
 
        ///
        /// 创建计时器,从_IpAddress减去一个请求。
        ///

        private static Timer CreateTimer()
        {
            Timer timer = GetTimer(REDUCTION_INTERVAL);
            timer.Elapsed += new ElapsedEventHandler(TimerElapsed);
            return timer;
        }
 
        ///
        /// 创建定时器,消除一个禁止的IP地址
        ///

        ///
        private static Timer CreateBanningTimer()
        {
            Timer timer = GetTimer(RELEASE_INTERVAL);
            timer.Elapsed += delegate { _Banned.Pop(); }; //消除一个禁止IP
            return timer;
        }
 
        ///
        /// 创建一个时间器,并启动它
        ///

        /// 以毫秒为单位的时间间隔
        private static Timer GetTimer(int interval)
        {
            Timer timer = new Timer();
            timer.Interval = interval;
            timer.Start();
 
            return timer;
        }
 
        ///
        /// 减去从集合中的每个IP地址的请求
        ///

        private static void TimerElapsed(object sender, ElapsedEventArgs e)
        {
            foreach (string key in _IpAdresses.Keys)
            {
                _IpAdresses[key]--;
                if (_IpAdresses[key] == 0)
                    _IpAdresses.Remove(key);
            }
        }
 
        #endregion
 
    }
}

转载保留 : http://blog.wuaiwei.com/2011/04/02/asp-net%e9%98%b2%e7%b1%bb%e4%bc%bcddos%e6%94%bb%e5%87%bb%e4%bb%a3%e7%a0%81/

#c#专栏

你可能感兴趣的:(asp.net防类似DDOS攻击(CC攻击)代码)