Skip to main content

Restrict ip,user agent,crawlers in asp.net global.asax

By

Introduction:
In this article I am going to explain about how to allow or restrict particular ips and user agents and crawlers in global.asax file in asp.net/c#.net.

Explanation:
Some internal applications which is used only by particular organization or required to restrict other ips other than their office ips. And also we may restrict the search engines and other crawlers from our competitive sites. For the explanation purpose I have a xml called whitlist.xml which contains all the ip addresses which is to be allowed and user agents which is to be allowed. And important point to know is crawlwers won’t have the cookie for that session. Below is the xml file format.

<?xml version="1.0" encoding="utf-8" ?>
<root>
  <whitelistip ip=""/>
  <whitelistip ip=""/>
  <whitelistip ip=""/>
  <whitelistagent agent="yahoobot" />
  <whitelistagent agent="googlebot" />
</root>

Steps:
I have added all the white listed ips in iplist arraylist and all the allowed useragents to agentlist arraylist. I am checking whether the requesting ip has cookie. If it has ip then it is valid request else it is from a crawler. I am redirecting the session less request to access denied page. All this request is available only in Application_AcquireRequestState . That’s why I am writing all the logics in Application_AcquireRequestState.

Below is the code

void Application_AcquireRequestState(object source, EventArgs e)
    {
       
        try
        {
            LoadWhitelist();
            //checks whether the ip is whitelisted ip or whitelisted agent
            if (CheckIP(Request.UserHostAddress.ToString()) || CheckUserAgent(Request.UserAgent.ToString()))
            {
                return;
            }
            else if (!Session.IsCookieless)// checks user request has cookie
            {
                RedirectPage();
                return;
            }
            else
            {
                RedirectPage();// redirect the page to access denied page.
            }
        }
        catch (Exception ex)
        {

        }
    }
    private void RedirectPage()
    {
        if (Session["redirect"] + "" != "")
        {
            if (Session["redirect"] + "" == "true")
            {
                Session["redirect"] = "false";
                return;
            }
        }
        else
        {
            Session["redirect"] = "true";
            Session["nexturl"] = HttpContext.Current.Request.Url.AbsoluteUri;
            Response.Redirect("accessdenied.aspx", false);
        }
    }
    private void LoadWhitelist()
    {
        if (System.Configuration.ConfigurationManager.AppSettings["whitelist"] + "" != "")
        {
            string path = System.Configuration.ConfigurationManager.AppSettings["whitelist"].ToString();
            if (System.IO.File.Exists(path ))
            {
                XmlDocument xDoc = new XmlDocument();
                xDoc.Load(path );
                XmlElement xEle;
                if (xDoc != null)
                {
                    foreach (XmlNode xNode in xDoc.DocumentElement.SelectNodes("//whitelistip"))
                    {
                        xEle = (XmlElement)xNode;
                        iplist.Add(xEle.GetAttribute("ip").ToString());
                    }
                    foreach (XmlNode xNode in xDoc.DocumentElement.SelectNodes("//whitelistagent"))
                    {
                        xEle = (XmlElement)xNode;
                        agentlist.Add(xEle.GetAttribute("agent").ToString());
                    }
                }
            }
        }
    }
    public Boolean CheckIP(string userip)
    {
        if (iplist.Contains(userip))
            return true;
        else
            return false;
    }
    public Boolean CheckUserAgent(string useragent)
    {
        foreach (string s in agentlist)
        {
            if (useragent.Contains(s))
                return true;
        }
        return false;
    }


If you have any doubt please enter it in comments.Complete source code is attached below. 


Download Source Code Here
Labels:

Comments

  1. selva.k3:36 pm, April 17, 2012

    superb da..If possible for domain IP restrication?

    ReplyDelete

Post a Comment

Popular posts from this blog

Sort Dictionary Based On Value In Asp.Net And C#.Net | Convert Dictionary into KeyValuePair or KeyValuePair into Dictionary.

By
In this tutorial i am going to explain about how to sort dictionary object based on value in asp.net and C#.Net or convert unsorted dictionary to sorted dictionary object in C#.Net and VB.Net or Convert Dictionary into KeyValuePair or KeyValuePair into Dictionary.
Post a Comment
Read More...

Code To Convert rupees(numbers) into words using C#.Net

By
Introduction: In my previous article I have explained about how to validate emailid using javascript . In this article I am going to explain about code used to convert rupees(numbers) into words using C#.Net . Explanation: For explanation purpose I have a page. It has a textbox to input the numbers. And when you click on the convert to words button then it will convert the input numbers into words and shows it in the below label. Below is the C# code used to do this functionality. public static string NumbersToWords( int inputNumber) {     int inputNo = inputNumber;     if (inputNo == 0)         return "Zero" ;     int [] numbers = new int [4];     int first = 0;     int u, h, t;     System.Text. StringBuilder sb = new System.Text. StringBuilder ();     if (inputNo < 0)     { ...
16 comments
Read More...

C# code to send mail using smtp from gmail,yahoo mail and live mail

By
Introduction: In my previous article I have explained about   How to bind/Unbind events in jQuery . In this article I am going to explain about how to send mail from ASP.Net using gmail,yahoomail and live mail credentials. Explanation: First Include the below namespaces in your code behind file. using System; using System.Net; using System.Net.Mail;
6 comments
Read More...