asp.net防类似DDOS攻击(CC攻击)代码001 Web.config
002
003 <httpModules>
004 <!–Url重写–>
005 <add type=”UrlRewriter.RewriterHttpModule, UrlRewriter” name=”UrlRewriter”/>
006 <!–防类似DDOS攻击–>
007 <add type=”UrlRewriter.DDosAttackModule, UrlRewriter” name=”DDosAttackModule”/>
008 </httpModules>
009
010 using System;
011 using System.Web;
012 using System.Collections.Generic;
013 using System.Collections.Specialized;
014 using System.Timers;
015
016 namespace UrlRewriter
017 {
018 /// <summary>
019 /// 阻止攻击IP地址的回应
020 /// </summary>
021 public class DosAttackModule : IHttpModule
022 {
023 void IHttpModule.Dispose() { }
024
025 void IHttpModule.Init(HttpApplication context)
026 {
027 context.BeginRequest += new EventHandler(context_BeginRequest);
028 }
029
030 private static Dictionary<string, short> _IpAdresses = new Dictionary<string, short>();
031 private static Stack<string> _Banned = new Stack<string>();
032 private static Timer _Timer = CreateTimer();
033 private static Timer _BannedTimer = CreateBanningTimer();
034
035 private const int BANNED_REQUESTS = 1; //规定时间内访问的最大次数
036 private const int REDUCTION_INTERVAL = 1000; // 1 秒(检查访问次数的时间段)
037 private const int RELEASE_INTERVAL = 5 * 60 * 1000; // 5 分钟(清除一个禁止IP的时间段)
038
039 private void context_BeginRequest(object sender, EventArgs e)
040 {
041 string ip = HttpContext.Current.Request.UserHostAddress;
042 if (_Banned.Contains(ip))
043 {
044 HttpContext.Current.Response.StatusCode = 403;
045 HttpContext.Current.Response.End();
046 }
047
048 CheckIpAddress(ip);
049 }
050
051 /// <summary>
052 /// 检查访问IP
053 /// </summary>
054 private static void CheckIpAddress(string ip)
055 {
056 if (!_IpAdresses.ContainsKey(ip)) //如果没有当前访问IP的记录就将访问次数设为1
057 {
058 _IpAdresses[ip] = 1;
059 }
060 else if (_IpAdresses[ip] == BANNED_REQUESTS) //如果当前IP访问次数等于规定时间段的最大访问次数就拉于“黑名单”
061 {
062 _Banned.Push(ip);
063 _IpAdresses.Remove(ip);
064 }
065 else //正常访问就加次数 1
066 {
067 _IpAdresses[ip]++;
068 }
069 }
070
071 #region Timers
072
073 /// <summary>
074 /// 创建计时器,从_IpAddress减去一个请求。
075 /// </summary>
076 private static Timer CreateTimer()
077 {
078 Timer timer = GetTimer(REDUCTION_INTERVAL);
079 timer.Elapsed += new ElapsedEventHandler(TimerElapsed);
080 return timer;
081 }
082
083 /// <summary>
084 /// 创建定时器,消除一个禁止的IP地址
085 /// </summary>
086 /// <returns></returns>
087 private static Timer CreateBanningTimer()
088 {
089 Timer timer = GetTimer(RELEASE_INTERVAL);
090 timer.Elapsed += delegate { _Banned.Pop(); }; //消除一个禁止IP
091 return timer;
092 }
093
094 /// <summary>
095 /// 创建一个时间器,并启动它
096 /// </summary>
097 /// <param name="interval">以毫秒为单位的时间间隔</param>
098 private static Timer GetTimer(int interval)
099 {
100 Timer timer = new Timer();
101 timer.Interval = interval;
102 timer.Start();
103
104 return timer;
105 }
106
107 /// <summary>
108 /// 减去从集合中的每个IP地址的请求
109 /// </summary>
110 private static void TimerElapsed(object sender, ElapsedEventArgs e)
111 {
112 foreach (string key in _IpAdresses.Keys)
113 {
114 _IpAdresses[key]--;
115 if (_IpAdresses[key] == 0)
116 _IpAdresses.Remove(key);
117 }
118 }
119
120 #endregion
121
122 }
123 }