Skip to main content

Restrict ip,user agent,crawlers in asp.net global.asax


Introduction:
In this article I am going to explain about how to allow or restrict particular ips and user agents and crawlers in global.asax file in asp.net/c#.net.

Explanation:
Some internal applications which is used only by particular organization or required to restrict other ips other than their office ips. And also we may restrict the search engines and other crawlers from our competitive sites. For the explanation purpose I have a xml called whitlist.xml which contains all the ip addresses which is to be allowed and user agents which is to be allowed. And important point to know is crawlwers won’t have the cookie for that session. Below is the xml file format.

<?xml version="1.0" encoding="utf-8" ?>
<root>
  <whitelistip ip=""/>
  <whitelistip ip=""/>
  <whitelistip ip=""/>
  <whitelistagent agent="yahoobot" />
  <whitelistagent agent="googlebot" />
</root>

Steps:
I have added all the white listed ips in iplist arraylist and all the allowed useragents to agentlist arraylist. I am checking whether the requesting ip has cookie. If it has ip then it is valid request else it is from a crawler. I am redirecting the session less request to access denied page. All this request is available only in Application_AcquireRequestState . That’s why I am writing all the logics in Application_AcquireRequestState.

Below is the code

void Application_AcquireRequestState(object source, EventArgs e)
    {
       
        try
        {
            LoadWhitelist();
            //checks whether the ip is whitelisted ip or whitelisted agent
            if (CheckIP(Request.UserHostAddress.ToString()) || CheckUserAgent(Request.UserAgent.ToString()))
            {
                return;
            }
            else if (!Session.IsCookieless)// checks user request has cookie
            {
                RedirectPage();
                return;
            }
            else
            {
                RedirectPage();// redirect the page to access denied page.
            }
        }
        catch (Exception ex)
        {

        }
    }
    private void RedirectPage()
    {
        if (Session["redirect"] + "" != "")
        {
            if (Session["redirect"] + "" == "true")
            {
                Session["redirect"] = "false";
                return;
            }
        }
        else
        {
            Session["redirect"] = "true";
            Session["nexturl"] = HttpContext.Current.Request.Url.AbsoluteUri;
            Response.Redirect("accessdenied.aspx", false);
        }
    }
    private void LoadWhitelist()
    {
        if (System.Configuration.ConfigurationManager.AppSettings["whitelist"] + "" != "")
        {
            string path = System.Configuration.ConfigurationManager.AppSettings["whitelist"].ToString();
            if (System.IO.File.Exists(path ))
            {
                XmlDocument xDoc = new XmlDocument();
                xDoc.Load(path );
                XmlElement xEle;
                if (xDoc != null)
                {
                    foreach (XmlNode xNode in xDoc.DocumentElement.SelectNodes("//whitelistip"))
                    {
                        xEle = (XmlElement)xNode;
                        iplist.Add(xEle.GetAttribute("ip").ToString());
                    }
                    foreach (XmlNode xNode in xDoc.DocumentElement.SelectNodes("//whitelistagent"))
                    {
                        xEle = (XmlElement)xNode;
                        agentlist.Add(xEle.GetAttribute("agent").ToString());
                    }
                }
            }
        }
    }
    public Boolean CheckIP(string userip)
    {
        if (iplist.Contains(userip))
            return true;
        else
            return false;
    }
    public Boolean CheckUserAgent(string useragent)
    {
        foreach (string s in agentlist)
        {
            if (useragent.Contains(s))
                return true;
        }
        return false;
    }


If you have any doubt please enter it in comments.Complete source code is attached below. 


Comments

Post a Comment

Popular posts from this blog

Code To Convert rupees(numbers) into words using C#.Net

Introduction: In my previous article I have explained about how to validate emailid using javascript . In this article I am going to explain about code used to convert rupees(numbers) into words using C#.Net . Explanation: For explanation purpose I have a page. It has a textbox to input the numbers. And when you click on the convert to words button then it will convert the input numbers into words and shows it in the below label. Below is the C# code used to do this functionality. public static string NumbersToWords( int inputNumber) {     int inputNo = inputNumber;     if (inputNo == 0)         return "Zero" ;     int [] numbers = new int [4];     int first = 0;     int u, h, t;     System.Text. StringBuilder sb = new System.Text. StringBuilder ();     if (inputNo < 0)     { ...

Puzzles for kids - 12 Days Of Christmas

According to the traditional song, on the first day of Christmas (25th December), my true love sent to me: . A partridge in a pair tree On the second day of Christmas (26th December), my true love sent to me THREE presents: . Two turtle doves . A partridge in a pear tree On the third day of Christmas (27th December and so on) my true love sent to me SIX presents: . Three French hens . Two turtle doves . A partridge in a pear tree This carries on until the the twelfth day of Christmas, when my true love sends me: Twelve drummers drumming Eleven pipers piping Ten lords a-leaping Nine ladies dancing Eight maids a-milking Seven swans a-swimming Six geese a-laying Five gold rings Four calling birds Three French hens Two turtle doves A partridge in a pear tree After the twelve days of Christmas are over, how many presents has my true love sent me altogether? Our Solution: 1 + 3 + 6 + 10 + 15 + 21 + 28 + 36 + 45 + 55 + 66 + 78 = 364 presents Which is really interesting when you think ...

Asp.Net DataTable Manipulation - Add, Update,Delete & Sort DataTable in C#.Net & VB.Net

In the asp.net developer's life it is very common to come across the datatable manipulation. So here i have decided to explain the datatable manipulation like adding records to datatable, editing and updating datatable records,deleting records from datatable based on the condition and finally sorting datatable based on columns.