ASP.NET MVC3 - 你怎么用探测请求呢? [英] ASP.NET MVC3 - what do you do with probing requests?
问题描述
我们的网站上线,当然,我们开始收到探测请求的负荷,
像
our site went online and of course, we started to receive loads of probing requests, like
/博客/ WP-login.php中'结果
/admin/admin.php
'/blog/wp-login.php'
'/admin/admin.php'
等。结果
所以,问题是,你怎么跟他们做什么?
etc.
So question is, what do you do with them?
目前在每种情况下404错误被抛出ELMAH发送电子邮件这件事,但我认为这将是更好地忽略,至少所有的PHP请求的。
Right now in each case 404 error is thrown and elmah sends email about it, but I think it would be better to ignore at least all php requests at all.
如何做到这一点,这样的请求将负载最小的服务器,可能是有可能做到,那asp.net管道将不参与这样的请求?结果
或者是更好的重定向,或返回空结果?
How to do that, that such requests would minimally load server, may be it is possible to do, that asp.net pipeline would be not involved in such requests?
Or is it better to redirect, or return empty result?
如果这需要简单地添加IgnoreRoutes,可能是有人有套好路线,这会忽略最探测请求?
If that would require simply add IgnoreRoutes, may be someone has good set of routes, that would ignore most of the probing requests?
推荐答案
我知道你说的你不想使用IIS重写模块,因为它是在IIS上增加了额外负担,但事实上,使用IIS来处理这些会比突入您的应用程序做同样的事情(尽管两者都是非常小的资源明智)较不密集。如果你想忽略IIS上负载的最小量的要求和你的带宽,我建议以下
I know that you have stated the you don't want to use the rewrite module in IIS as it 'adds additional load on IIS', but in truth, using IIS to handle these will be less intensive than passing into your application to do the same thing (even though both are extremely small resource-wise). If you want to ignore the request with the minimal amount of load on IIS and your bandwidth, I would suggest the following
<rewrite>
<rules>
<rule name="Fail PHP requests">
<match url=".*"/>
<conditions>
<add input="{URL}" pattern="*.php*" />
</conditions>
<action type="AbortRequest" />
</rule>
</rules>
</rewrite>
该重写设置为完全AbortRequest动作类型切断HTTP连接和下降的要求,没有404或403错误返回。从
This rewrite with the action type set to AbortRequest completely severs the HTTP connection and drops the request, no 404 or 403 errors returned. Taken from Learn IIS in the 'Creating an Access Block' section.
修改 - 既然有从使用重写模块和性能OP的关注,我要提交仍然可以赶上的.php请求不使用重写模块的第二选择。 IIS7及以上还支持请求筛选,并根据学习IIS,请求过滤...
EDIT - Since there are concerns from the OP on using the rewrite module and performance, I am going to submit a second option that may still catch .php request without using the rewrite module. IIS7 and above also support Request Filtering and according to Learn IIS, Request filtering is...
请求筛选模块运行在请求的开始
通过处理BeginRequest事件处理管道。该模块
评估请求的元数据,如头,查询字符串,
内容长度等,以确定该请求是否
元数据的任何现有的过滤器相匹配。如果存在匹配,模块
产生一个404(文件未找到)的应答,然后在快捷方式
在IIS管道的其余部分。
The request filtering module runs at the beginning of the request processing pipeline by handling the BeginRequest event. The module evaluates the request metadata, such as headers, the query string, content length, etc, in order to determine whether the request metadata matches any existing filter. If there is a match, the module generates a 404 (File Not Found) response and then shortcuts the remainder of the IIS pipeline
要实现,添加以下部分到你的web.config:
To implement, add the following section to your web.config:
<configuration>
<system.webServer>
<security>
<requestFiltering>
<fileExtensions allowUnlisted="true" >
<add fileExtension=".php" allowed="false"/>
</fileExtensions>
</requestFiltering>
</security>
</system.webServer>
</configuration>
这篇关于ASP.NET MVC3 - 你怎么用探测请求呢?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
