0
Posted on 5:21 AM by Softminer and filed under

The Dynamic IP Restrictions Extension for IIS provides IT Professionals and Hosters a configurable module that helps mitigate or block Denial of Service Attacks or cracking of passwords through Brute-force by temporarily blocking Internet Protocol (IP) addresses of HTTP clients who follow a pattern that could be conducive to one of such attacks. This module can be configured such that the analysis and blocking could be done at the Web Server or the Web Site level.


http://www.iis.net/downloads/microsoft/dynamic-ip-restrictions



using System;
using System.Collections.Generic;
using System.Timers;
using System.Web;

public partial class _Default : System.Web.UI.Page 
{
    
  private static Dictionary<string, short> _IpAdresses = new Dictionary<string, short>();
  private static Stack<string> _Banned = new Stack<string>();
  private static Timer _Timer = CreateTimer();
  private static Timer _BannedTimer = CreateBanningTimer();

  

  private const int BANNED_REQUESTS = 10;
  private const int REDUCTION_INTERVAL = 1000; // 1 second
  private const int RELEASE_INTERVAL = 5 * 60 * 1000; // 5 minutes

    protected void Page_Load(object sender, EventArgs e)
    {
         string ip = HttpContext.Current.Request.UserHostAddress;
    if (_Banned.Contains(ip))
    {
      HttpContext.Current.Response.StatusCode = 403;
      HttpContext.Current.Response.End();
    }

    CheckIpAddress(ip);
    }

    /// <summary>
    /// Checks the requesting IP address in the collection
    /// and bannes the IP if required.
    /// </summary>
    private static void CheckIpAddress(string ip)
    {
        if (!_IpAdresses.ContainsKey(ip))
        {
            _IpAdresses[ip] = 1;
        }
        else if (_IpAdresses[ip] == BANNED_REQUESTS)
        {
            _Banned.Push(ip);
            _IpAdresses.Remove(ip);
        }
        else
        {
            _IpAdresses[ip]++;
        }
    }

    #region Timers

    /// <summary>
    /// Creates the timer that substract a request
    /// from the _IpAddress dictionary.
    /// </summary>
    private static Timer CreateTimer()
    {
        Timer timer = GetTimer(REDUCTION_INTERVAL);
        timer.Elapsed += new ElapsedEventHandler(TimerElapsed);
        return timer;
    }

    /// <summary>
    /// Creates the timer that removes 1 banned IP address
    /// everytime the timer is elapsed.
    /// </summary>
    /// <returns></returns>
    private static Timer CreateBanningTimer()
    {
        Timer timer = GetTimer(RELEASE_INTERVAL);
        timer.Elapsed += delegate { _Banned.Pop(); };
        return timer;
    }

    /// <summary>
    /// Creates a simple timer instance and starts it.
    /// </summary>
    /// <param name="interval">The interval in milliseconds.</param>
    private static Timer GetTimer(int interval)
    {
        Timer timer = new Timer();
        timer.Interval = interval;
        timer.Start();

        return timer;
    }

    /// <summary>
    /// Substracts a request from each IP address in the collection.
    /// </summary>
    private static void TimerElapsed(object sender, ElapsedEventArgs e)
    {
        foreach (string key in _IpAdresses.Keys)
        {
            _IpAdresses[key]--;
            if (_IpAdresses[key] == 0)
                _IpAdresses.Remove(key);
        }
    }

    #endregion
}
0
Posted on 3:40 AM by Softminer and filed under ,

protected void Application_BeginRequest(object sender, EventArgs e)
{
	String fullOrigionalpath = Request.Url.ToString();

	if (fullOrigionalpath.Contains("?p="))
	{

		string website = "http://" + Request.Url.Authority;

		Response.Clear();
		//Response.StatusCode = 301;
		Response.Status = "301 Moved Permanently";
		//Response.Redirect(fullOrigionalpath.Replace("default.aspx?p=", "") + "/");
		Response.AddHeader("Location", website + "/" +  Request.QueryString["p"].ToString() + "/");
		Response.End();
	}
}
0
Posted on 3:31 AM by Softminer and filed under

static void Main(string[] internal args)

        {
            //           https://www.cloudflare.com/api_json.html \
            //  -d 'a=zone_file_purge' \
            //-d 'tkn=8afbe6dea02407989af4dd4c97bb6e25' \
            //-d 'email=sample@example.com' \
            //-d 'z=example.com' \
            //-d 'url=http://www.example.com/style.css'

             // Create a request using a URL that can receive a post.
            WebRequest request = WebRequest.Create ("https://www.cloudflare.com/api_json.html");
             request.Proxy = null;
            request.Credentials = CredentialCache.DefaultCredentials;

            //ServicePointManager.ServerCertificateValidationCallback +=
            new  System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications);

            // Set the Method property of the request to POST.
            request.Method = "POST";
            // Create POST data and convert it to a byte array.
            string postData = string.Format("a={0}&tkn={1}&email={2}&z={3}&url={4}", );

            byte[] internal byteArray = Encoding.UTF8.GetBytes (postData);

            // Set the ContentType property of the WebRequest.
            request.ContentType = "application/x-www-form-urlencoded";
            // Set the ContentLength property of the WebRequest.
            request.ContentLength = byteArray.Length;
            // Get the request stream.
            Stream dataStream = request.GetRequestStream ();
            // Write the data to the request stream.
            dataStream.Write (byteArray, 0, byteArray.Length);
            // Close the Stream object.
            dataStream.Close ();
            // Get the response.
            WebResponse response = request.GetResponse ();
            // Display the status.
            Console.WriteLine (((HttpWebResponse)response).StatusDescription);
            // Get the stream containing content returned by the server.
            dataStream = response.GetResponseStream ();
            // Open the stream using a StreamReader for easy access.
            StreamReader reader = new StreamReader (dataStream);
            // Read the content.
            string responseFromServer = reader.ReadToEnd ();
            // Display the content.
            Console.WriteLine (responseFromServer);
            // Clean up the streams.
            reader.Close ();
            dataStream.Close ();
            response.Close ();
}

        public static bool ValidateServerCertificate(object sender,
	X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            return true;
        }
0
Posted on 2:02 AM by Softminer and filed under

public static void InfoButton(this HtmlHelper helper, string id, string description)
{
var response = helper.ViewContext.HttpContext.Response;
System.Web.Mvc.Html.RenderPartialExtensions.RenderPartial(helper, "_partial", 
new ViewDataDictionary { { "id", id }, { "descr", description } });
}