I have my contact form set up to throw an exception when a spam attempt is made, so now instead of receiving spam, I receive an exception report.
Exception information:
Exception type: System.Web.HttpRequestValidationException
Exception message: A potentially dangerous Request.Form value was detected from the client (message="com1, <a href="http://prof...").
Request information:
Request path: /Contact
User host address: 213.5.70.205
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\\NETWORK SERVICE
It’s always the same two IPs:
User host address: 213.5.70.205
User host address: 188.92.75.82
I’m on shared hosting and don’t have access to IIS control panel. Can I block these IPs without affecting performance for non-spammers?
I’ve got to come up with a better way than just checking against a string because this is only effective against specific IPs and I’m going to need range blocking.
public void Init(HttpApplication context)
{
    context.BeginRequest += new EventHandler(Application_BeginRequest);
}
How often does BeginRequest occur? Will the new eventhandler be run every time a web page is requested? Is there a better way to check once and let it go from there?
Why put it in the global.asax when it’s derived from IHttpModule?
Here is the entire class:
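using System;
using System.Web;

namespace DomainModel.Services
{
    public class BlockIPModule : IHttpModule
    {
        public void Dispose() {}

        // Called once per HttpApplication instance; subscribes the check to every request.
        public void Init(HttpApplication context)
        {
            context.BeginRequest += new EventHandler(Application_BeginRequest);
        }

        // Runs at the start of each request handled by this application.
        private void Application_BeginRequest(object sender, EventArgs e)
        {
            HttpApplication application = (HttpApplication)sender;
            HttpContext context = application.Context;
            string currentIP = context.Request.UserHostAddress;
            if (!IsIpValid(currentIP))
            {
                context.Response.StatusCode = 403;
                // Setting the status alone lets the page still execute and render;
                // skip the rest of the pipeline so no content is served.
                application.CompleteRequest();
            }
        }

        // Exact string match against the two blocked addresses.
        private bool IsIpValid(string checkIP)
        {
            return (checkIP != "213.5.70.205" && checkIP != "188.92.75.82");
        }
    }
}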
What should I use to run this once and then if the user checks out to just give them a pass on further testing? I know it’s not going to take long to run but if I check against a long list of IPs from the database or test against an external blacklist it may slow things down.
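The range blocking and per-request cost raised above, as an added example that is not part of any post in this thread: the list is parsed once into network/mask pairs, so each request costs only a few integer comparisons. The class name `IpRangeBlocklist`, its members and the `203.0.113.0/24` documentation range are assumptions made for illustration.

```csharp
using System;
using System.Linq;
using System.Net;
using System.Net.Sockets;

// Added example: IPv4 blocklist with CIDR ranges, parsed once at startup.
public sealed class IpRangeBlocklist
{
    private struct Cidr { public uint Network; public uint Mask; }
    private readonly Cidr[] _ranges;

    // Each entry is "a.b.c.d" (single host) or "a.b.c.d/prefix".
    public IpRangeBlocklist(params string[] entries) { _ranges = entries.Select(e => Parse(e)).ToArray(); }

    // Per-request check: integer compares only, no database or DNS lookup.
    public bool IsBlocked(string address)
    {
        IPAddress ip;
        if (!IPAddress.TryParse(address, out ip) ||
            ip.AddressFamily != AddressFamily.InterNetwork)
            return false; // IPv6 or unparsable input is not covered by this list
        uint value = ToUInt32(ip);
        return _ranges.Any(r => (value & r.Mask) == r.Network);
    }

    private static Cidr Parse(string entry)
    {
        string[] parts = entry.Split('/');
        IPAddress ip = IPAddress.Parse(parts[0]);
        int prefix = parts.Length == 2 ? int.Parse(parts[1]) : 32;
        if (ip.AddressFamily != AddressFamily.InterNetwork || prefix < 0 || prefix > 32)
            throw new FormatException("Not an IPv4 CIDR entry: " + entry);
        // Shifting a uint by 32 is a no-op in C#, so /0 needs its own case.
        uint mask = prefix == 0 ? 0u : uint.MaxValue << (32 - prefix);
        return new Cidr { Network = ToUInt32(ip) & mask, Mask = mask };
    }

    private static uint ToUInt32(IPAddress ip)
    {
        byte[] b = ip.GetAddressBytes(); // network byte order, 4 bytes for IPv4
        return ((uint)b[0] << 24) | ((uint)b[1] << 16) | ((uint)b[2] << 8) | b[3];
    }

    public static void Main()
    {
        // The two hosts from the thread plus a constructed documentation range.
        var list = new IpRangeBlocklist("213.5.70.205", "188.92.75.82", "203.0.113.0/24");
        foreach (string ip in new[] { "213.5.70.205", "203.0.113.77", "198.51.100.9" })
            Console.WriteLine(ip + " blocked: " + list.IsBlocked(ip));
    }
}
```

In the module, the list would be held in a static field so it is built once per application, and `IsIpValid(currentIP)` would become `!blocklist.IsBlocked(currentIP)`.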
Since I don’t want to make any assumptions, I will simply ask…
Is this module really defined in your domainmodel? Considering you might reuse your domain in a desktop app, that module might be rendered useless.
In any case, what I would probably do here is write a service that checks a db table using a repository. Then add a custom attribute in my web project like the following:
Hmm. Wouldn’t the only IP in a desktop app be 127.0.0.1?
Kind of my point.
The semantics of your namespace just confused me because typically, application services aren’t considered part of the “domain”, although it is part of the collective “model”.
Hey, when did you get “Member of the Month”? How awesome is that?
Read the following in its entirety, and then ask GoDaddy if they’ve enabled IP Restrictions. If they have, then use the web.config setup as instructed (includes whole ranges), if not, you might want to think about getting a different host. Restriction by IP is a pretty common thing.