10

I'm trying to use IIS Dynamic IP Restrictions to throttle requests from the same IP. I have the module running and the requests are nicely throttled if I edit the dynamic restrictions settings from the IIS UI. This is nice however I need to have different rates on different URLs. Login should be for example more strict than static resources. I'm trying to use locations in web.config to achieve this.

<configuration>
  <location path="foo">
  <system.webServer>   
    <security>     
      <dynamicIpSecurity enableLoggingOnlyMode="true">       
         <denyByRequestRate enabled="true" maxRequests="1" 
            requestIntervalInMilliseconds="5000" />
      </dynamicIpSecurity>
   </security>  
  </system.webServer> 
  </location>
</configuration>

Unfortunately, this doesn't apply. I'm quite sure it has nothing to do with my app because it doesn't work also on a static web with one HTML file. I'm also quite sure that the location path is correct, because the requests are blocked if I add ...<deny users="*" />.

4

1 回答 1

5

这是不可能的。从模块描述:

可以配置此模块,以便可以在 Web 服务器或网站级别进行分析和阻止。

在内部,这被实现为 HttpModule(即本机 HttpModule)。HttpModule 为每个请求运行 - 位置不会影响它们。作为参考,请查看 从使用 HTTPModule 中排除某些页面

因此,您唯一的其他选择(如果您需要支持这个确切的模块)是将您的站点组织成几个迷你应用程序。

喜欢

/ -> 根网络应用程序

/Content -> 具有静态内容的 Web 应用程序

/Login -> 具有登录功能的 Web 应用程序

并在每个迷你应用程序中创建具有适当规则的 web.config。

于 2016-11-02T11:08:17.623 回答