如果用户在3次尝试错误密码,则阻止IP地址 [英] Block ip address if user attempt wrong password in 3 times
问题描述
如果用户在3次尝试错误密码,则阻止用户IP地址,无法访问我们的网站。并显示消息。
我尝试过的事情:
i只是想要要做到这一点,但不知道我们怎么做。
你可以做到......但这是一个糟糕的主意。
您可以非常轻松地获得用户IP:
string ip = Request.UserHostAddress;
在你的数据库中添加一个包含禁止地址的表格是微不足道的。
但是...这会导致更多的问题而不是它解决了。
第一个问题是IP地址并非特定于单个设备:它是将用户设备连接到ISP的路由器(或类似设备)的地址,因此互联网 - 因此对于公司而言,建筑物中的所有员工都可能共享相同的IP地址。 (您无法访问内部到楼的IP地址,因为它永远不会离开路由器,并且每个LAN安装都很常见:几乎所有的内部都使用192.168.xx地址。而且您无法访问MAC地址除非在非常特殊的情况下发生在一定数量的情况下 - 并且它们也没有帮助,因为它们也不是唯一的,并且是欺骗的微不足道。
第二个问题是大多数用户拥有动态IP地址 - 当路由器连接到宽带网络时由ISP分配 - 因此禁止它除了在以后分配它们时惹恼无辜用户之外什么也不做!并且获得新IP通常很简单:关闭你的路由器并等待ISP定义的短暂时间,当你重新启动它时你会得到一个新的。
我不会这样做。 ,我会阻止用户名并向注册的电子邮件地址发送一封电子邮件,其中包含取消阻止它的链接(需要有效密码)。
if user attempts wrong password in 3 times, then block user IP address and make unable to visit our website. and show message.
What I have tried:
i just want to do this but don't know how we can do this.解决方案You can do it...but it's a poor idea.
You can get the user IP very easily:
string ip = Request.UserHostAddress;
And it's trivial to add a table you your DB which contains "banned" addresses.
But...that is going to cause more problems than it solves.
The first problem is that the IP address is not specific to a single device: it is the address of the router (or similar equipment) that connects the user device to the ISP and thus the internet - so for a company it's likely that all employees in the building will "share" the same IP address. (You can't access the internal-to-the-building IP address because that never leaves the router, and it is common to every LAN installation: nearly all of them use 192.168.x.x addresses internally. And you can't access the MAC address except in very specific circumstances which occur in a minute number of cases - and they wouldn't help because they aren't unique either, and are trivial to "spoof".
The second problem is that most users have a dynamic IP address - it is assigned by the ISP when the router connects to the broadband network - so banning it does nothing except annoy innocent users when they are assigned it later! And to get a new IP is generally simple: turn off your router and wait a short period defined by the ISP and you'll get a new one when you restart it.
I wouldn't do it. Instead, I'd block the username and send an email to the registered email address with a link to "unblock" it (which requires the valid password).
这篇关于如果用户在3次尝试错误密码,则阻止IP地址的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
