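// ASP.NET code for mitigating DDoS-like (CC / HTTP request flood) attacks.
//
// Web.config registration:
//
//   <httpModules>
//     <!-- URL rewriting -->
//     <add type="UrlRewriter.RewriterHttpModule, UrlRewriter" name="UrlRewriter"/>
//     <!-- DDoS-like attack protection -->
//     <add type="UrlRewriter.DosAttackModule, UrlRewriter" name="DDosAttackModule"/>
//   </httpModules>
//
// NOTE: the original snippet registered type "UrlRewriter.DDosAttackModule", which
// does not match the class name DosAttackModule declared below, so the module could
// not be loaded under that name. The type attribute above uses the declared class
// name; the name attribute is only a label and is left as published.
// <httpModules> under <system.web> is read by the classic pipeline; in IIS 7+
// integrated mode modules are registered under <system.webServer>/<modules>.

using System;
using System.Web;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Timers;

namespace UrlRewriter
{
    /// <summary>
    /// Refuses to answer client IP addresses that exceed a request-rate threshold.
    /// </summary>
    /// <remarks>
    /// Limits of this approach that an operator should keep in mind:
    /// <para>
    /// The key is <c>Request.UserHostAddress</c>, i.e. the address of the direct peer.
    /// Behind a reverse proxy, load balancer or CDN every visitor shares that one
    /// address, so a single ban would lock out all of them. Forwarded-for style
    /// headers are client-controlled unless a trusted proxy overwrites them, so they
    /// must not be used as the key without that guarantee.
    /// </para>
    /// <para>
    /// All state is held in static fields of the worker process. It is not shared
    /// between processes or servers and is lost on application restart. The tables
    /// grow by one entry per distinct address seen, so this module complements
    /// upstream rate limiting rather than replacing it.
    /// </para>
    /// </remarks>
    public class DosAttackModule : IHttpModule
    {
        void IHttpModule.Dispose() { }

        void IHttpModule.Init(HttpApplication context)
        {
            context.BeginRequest += new EventHandler(context_BeginRequest);
        }

        // Guards _IpAdresses and _Banned. Requests run on many threads and the timer
        // callbacks run on other threads; Dictionary is not safe for concurrent
        // writers, so every access goes through this lock.
        private static readonly object _Sync = new object();

        // Request count per client address inside the current counting window.
        private static Dictionary<string, short> _IpAdresses = new Dictionary<string, short>();

        // Banned client address -> UTC time at which the ban ends.
        // The original used a Stack<string> popped by a timer, which released the
        // most recently banned address first and could leave the oldest ban in
        // place indefinitely; a per-address expiry gives every ban the same length.
        private static Dictionary<string, DateTime> _Banned = new Dictionary<string, DateTime>();

        // Kept in static fields so the timers stay referenced for the lifetime of
        // the application domain. Declared after the tables they operate on.
        private static Timer _Timer = CreateTimer();
        private static Timer _BannedTimer = CreateBanningTimer();

        // Maximum number of requests counted before an address is banned.
        // NOTE(review): with a value of 1 the second request inside the counting
        // window triggers a ban. A normal page view that pulls several resources
        // through ASP.NET will reach that; tune this before deploying.
        private const int BANNED_REQUESTS = 1;
        private const int REDUCTION_INTERVAL = 1000; // 1 second: every tick removes one counted request per address
        private const int RELEASE_INTERVAL = 5 * 60 * 1000; // 5 minutes: length of a ban

        /// <summary>
        /// Answers 403 for banned addresses and counts the request otherwise.
        /// </summary>
        private void context_BeginRequest(object sender, EventArgs e)
        {
            HttpContext current = HttpContext.Current;
            string ip = current.Request.UserHostAddress;

            // A null key would throw inside the dictionaries; there is nothing to count.
            if (string.IsNullOrEmpty(ip))
            {
                return;
            }

            if (IsBanned(ip))
            {
                current.Response.StatusCode = 403;
                current.Response.End();
                return; // banned requests are never counted
            }

            CheckIpAddress(ip);
        }

        /// <summary>
        /// Reports whether the address is currently banned, dropping the entry if the ban has ended.
        /// </summary>
        private static bool IsBanned(string ip)
        {
            lock (_Sync)
            {
                DateTime expiresUtc;
                if (!_Banned.TryGetValue(ip, out expiresUtc))
                {
                    return false;
                }

                if (DateTime.UtcNow < expiresUtc)
                {
                    return true;
                }

                _Banned.Remove(ip);
                return false;
            }
        }

        /// <summary>
        /// Counts one request for the address and bans it once the threshold is reached.
        /// </summary>
        private static void CheckIpAddress(string ip)
        {
            lock (_Sync)
            {
                short count;
                if (!_IpAdresses.TryGetValue(ip, out count))
                {
                    // First request seen from this address in the window.
                    _IpAdresses[ip] = 1;
                }
                else if (count >= BANNED_REQUESTS)
                {
                    // Threshold reached: ban the address and stop counting it.
                    // ">=" rather than "==" so a count can never step past the limit unnoticed.
                    _Banned[ip] = DateTime.UtcNow.AddMilliseconds(RELEASE_INTERVAL);
                    _IpAdresses.Remove(ip);
                }
                else
                {
                    _IpAdresses[ip] = (short)(count + 1);
                }
            }
        }

        #region Timers

        /// <summary>
        /// Creates the timer that removes one counted request per address on each tick.
        /// </summary>
        private static Timer CreateTimer()
        {
            Timer timer = GetTimer(REDUCTION_INTERVAL);
            timer.Elapsed += new ElapsedEventHandler(TimerElapsed);
            return timer;
        }

        /// <summary>
        /// Creates the timer that removes bans whose time has run out.
        /// </summary>
        private static Timer CreateBanningTimer()
        {
            Timer timer = GetTimer(RELEASE_INTERVAL);
            timer.Elapsed += new ElapsedEventHandler(BannedTimerElapsed);
            return timer;
        }

        /// <summary>
        /// Creates a timer with the given interval and starts it.
        /// </summary>
        /// <param name="interval">Interval in milliseconds.</param>
        private static Timer GetTimer(int interval)
        {
            Timer timer = new Timer();
            timer.Interval = interval;
            timer.Start();

            return timer;
        }

        /// <summary>
        /// Subtracts one request from every tracked address and forgets addresses that reach zero.
        /// </summary>
        private static void TimerElapsed(object sender, ElapsedEventArgs e)
        {
            lock (_Sync)
            {
                // Iterate over a copy of the keys: the original changed the dictionary
                // while enumerating it, which throws InvalidOperationException.
                List<string> tracked = new List<string>(_IpAdresses.Keys);
                foreach (string key in tracked)
                {
                    short remaining = (short)(_IpAdresses[key] - 1);
                    if (remaining <= 0)
                    {
                        _IpAdresses.Remove(key);
                    }
                    else
                    {
                        _IpAdresses[key] = remaining;
                    }
                }
            }
        }

        /// <summary>
        /// Removes expired bans so that addresses which never return do not stay in memory.
        /// </summary>
        private static void BannedTimerElapsed(object sender, ElapsedEventArgs e)
        {
            lock (_Sync)
            {
                DateTime now = DateTime.UtcNow;
                List<string> expired = new List<string>();
                foreach (KeyValuePair<string, DateTime> entry in _Banned)
                {
                    if (entry.Value <= now)
                    {
                        expired.Add(entry.Key);
                    }
                }

                foreach (string ip in expired)
                {
                    _Banned.Remove(ip);
                }
            }
        }

        #endregion

    }
}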