How to limit page access only to localhost?

后端 未结 3 2101
伪装坚强ぢ
伪装坚强ぢ 2020-12-03 12:13

Is there a way in asp.net to limit the access to a web page only from localhost?

相关标签:
3条回答
  • 2020-12-03 12:20

    this could be a solution:

    protected void Page_Load(object sender, EventArgs e)
    {
        string localhost = Request.Url.Authority;
        if (localhost.IndexOf("localhost") != 0)
            Response.Redirect("defalut.aspx");
    }
    
    0 讨论(0)
  • 2020-12-03 12:24
         if (!HttpContext.Current.Request.IsLocal)
         { 
           Response.Status = "403 Forbidden";
           Response.End();
         }
    
    0 讨论(0)
  • 2020-12-03 12:26

    If you want to do this for a "web page" then I'd use IsLocal, but if you want a subdirectory solution I'd use Url Rewrite 2. http://www.microsoft.com/web/gallery/install.aspx?appid=urlrewrite2. If you don't have this installed already, go and get it as it's very useful. I believe it will be standard on IIS8.

    Then add this to your web.config under <system.webServer/>

    <rewrite>
     <rules>
        <!-- if this rule matches stopProcessing any further rules -->
        <rule name="Block Remote Access to Admin" stopProcessing="true" patternSyntax="ECMAScript" enabled="true">
          <!-- specify secure folder matching trailing / or $ == end of string-->
          <match url="projects(/|$)" ignoreCase="true" />
          <conditions logicalGrouping="MatchAll">
            <!-- Allow local host -->
            <add input="{REMOTE_ADDR}" pattern="localhost" ignoreCase="true" negate="true" />
            <add input="{REMOTE_ADDR}" pattern="127.0.0.1" negate="true" />
            <add input="{REMOTE_ADDR}" pattern="::1" negate="true" />
          </conditions>
          <!-- by default, deny all requests. Options here are "AbortRequest" (drop connection), "Redirect" to a 403 page, "CustomResponse", etc.  -->
          <action type="CustomResponse" statusCode="403" statusDescription="Forbidden" statusReason="Access to this URL is restricted"/>
          <!-- or send the caller to an error page, home page etc
               <action type="Redirect" url="/public/forbidden.htm" redirectType="Temporary" />
          -->
        </rule>
      </rules>
    </rewrite>
    
    0 讨论(0)
提交回复
热议问题