如何更新 ASPNetCoreRateLimit lib 的重试后值?
How to update retry-after value for ASPNetCoreRateLimit lib?
我有一个 Asp.Net 核心 Web 项目,并在中间件中实现了针对 DOS 和 DDOS 攻击的 ASPNetCoreRateLimit 包,如下所示。在“appsetting.json”文件中,IpRateLimiting 设置是在中间件方法下配置的,如下所示。在 IpRateLimiting 设置中,如果 30 分钟内请求计数超过 1000,则显示配额超出响应并测试,一切正常。我想配置阻止时间,我的意思是如果请求计数超过 appsettings.json 的“GeneralRules”部分中提到的限制,我想像“GeneralRules”部分再次提到的那样阻止此 IP 超过 30 分钟。默认情况下,如果请求计数超过设置中提到的值并且在这段时间之后阻止被禁用,则库会阻止 IP。如何以编程方式配置或覆盖 blockin periond?
public class RateLimitMiddleware : IpRateLimitMiddleware
{
private readonly ILogger<IpRateLimitMiddleware> _logger;
public RateLimitMiddleware(
RequestDelegate next, IOptions<IpRateLimitOptions> options, IRateLimitCounterStore counterStore, IIpPolicyStore policyStore, IRateLimitConfiguration config, ILogger<IpRateLimitMiddleware> logger
) : base(next, options, counterStore, policyStore, config, logger)
{
policyStore.SeedAsync();
_logger = logger;
}
//TODO : mail request details
public override Task ReturnQuotaExceededResponse(HttpContext httpContext, RateLimitRule rule, string retryAfter)
{
var message = "Maximum request limit exceeded!";
_logger.LogWarning(message + ". Details : " + httpContext);
httpContext.Response.Headers["Retry-After"] = retryAfter;
httpContext.Response.StatusCode = 429;
httpContext.Response.ContentType = "application/json";
return SpecificPageMiddleware.ReturnIndexPage(httpContext);
}
}
"IpRateLimiting": {
"EnableEndpointRateLimiting": true,
"StackBlockedRequests": true,
"RealIpHeader": "X-Real-IP",
"ClientIdHeader": "X-ClientId",
"HttpStatusCode": 429,
"IpWhitelist": [ "" ],
"EndpointWhitelist": [ "" ],
"QuotaExceededResponse": {
"Content": "<!DOCTYPE html><html lang=\"tr\"><head><meta charset=\"utf-8\" /><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\"><title>HATA</title><meta name=\"description\" content=\"\" /><meta name=\"viewport\" content=\"width=device-width, initial-scale=1, shrink-to-fit=no\" /><link rel=\"canonical\" href=\"https://www.airclinic.com.tr\" /> <link rel=\"shortcut icon\" href=\"favicon.ico\" /></head><body style=\"background-image: url(../assets/media/error/bg6.jpg);\"><div><div><div><h1 style=\"margin-top: 12rem;\">Hata Kodu : 429</h1><p></p><p\">Maksimum istek limiti aşılmıştır! Lütfen daha sonra tekrar deneyiniz</p></div></div></div></body></html>",
"ContentType": "text/html",
"StatusCode": 429
},
"GeneralRules": [
{
"Endpoint": "*",
"Period": "30m",
"Limit": 1000
}
]
}
How can I configure or override blockin periond programmatically?
您可以访问控制器内的IP策略存储,修改IP规则如下:
public class RateLimitMiddleware : IpRateLimitMiddleware
{
private readonly ILogger<IpRateLimitMiddleware> _logger;
private readonly IpRateLimitOptions _options;
private readonly IIpPolicyStore _ipPolicyStore;
public RateLimitMiddleware(
RequestDelegate next, IOptions<IpRateLimitOptions> options, IRateLimitCounterStore counterStore, IIpPolicyStore policyStore, IRateLimitConfiguration config, ILogger<IpRateLimitMiddleware> logger
) : base(next, options, counterStore, policyStore, config, logger)
{
policyStore.SeedAsync();
_logger = logger;
_options = options.Value;
_ipPolicyStore = policyStore;
}
//TODO : mail request details
public override Task ReturnQuotaExceededResponse(HttpContext httpContext, RateLimitRule rule, string retryAfter)
{
var message = "Maximum request limit exceeded!";
_logger.LogWarning(message + ". Details : " + httpContext);
httpContext.Response.Headers["Retry-After"] = retryAfter;
httpContext.Response.StatusCode = 429;
httpContext.Response.ContentType = "application/json";
String ip = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
if (string.IsNullOrEmpty(ip))
{
ip = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
}
var pol = _ipPolicyStore.Get(_options.IpPolicyPrefix);
pol.IpRules.Add(new IpRateLimitPolicy
{
Ip = ip,
Rules = new List<RateLimitRule>(new RateLimitRule[] {
rule
})
});
_ipPolicyStore.Set(_options.IpPolicyPrefix, pol);
return SpecificPageMiddleware.ReturnIndexPage(httpContext);
}
}
我有一个 Asp.Net 核心 Web 项目,并在中间件中实现了针对 DOS 和 DDOS 攻击的 ASPNetCoreRateLimit 包,如下所示。在“appsetting.json”文件中,IpRateLimiting 设置是在中间件方法下配置的,如下所示。在 IpRateLimiting 设置中,如果 30 分钟内请求计数超过 1000,则显示配额超出响应并测试,一切正常。我想配置阻止时间,我的意思是如果请求计数超过 appsettings.json 的“GeneralRules”部分中提到的限制,我想像“GeneralRules”部分再次提到的那样阻止此 IP 超过 30 分钟。默认情况下,如果请求计数超过设置中提到的值并且在这段时间之后阻止被禁用,则库会阻止 IP。如何以编程方式配置或覆盖 blockin periond?
public class RateLimitMiddleware : IpRateLimitMiddleware
{
private readonly ILogger<IpRateLimitMiddleware> _logger;
public RateLimitMiddleware(
RequestDelegate next, IOptions<IpRateLimitOptions> options, IRateLimitCounterStore counterStore, IIpPolicyStore policyStore, IRateLimitConfiguration config, ILogger<IpRateLimitMiddleware> logger
) : base(next, options, counterStore, policyStore, config, logger)
{
policyStore.SeedAsync();
_logger = logger;
}
//TODO : mail request details
public override Task ReturnQuotaExceededResponse(HttpContext httpContext, RateLimitRule rule, string retryAfter)
{
var message = "Maximum request limit exceeded!";
_logger.LogWarning(message + ". Details : " + httpContext);
httpContext.Response.Headers["Retry-After"] = retryAfter;
httpContext.Response.StatusCode = 429;
httpContext.Response.ContentType = "application/json";
return SpecificPageMiddleware.ReturnIndexPage(httpContext);
}
}
"IpRateLimiting": {
"EnableEndpointRateLimiting": true,
"StackBlockedRequests": true,
"RealIpHeader": "X-Real-IP",
"ClientIdHeader": "X-ClientId",
"HttpStatusCode": 429,
"IpWhitelist": [ "" ],
"EndpointWhitelist": [ "" ],
"QuotaExceededResponse": {
"Content": "<!DOCTYPE html><html lang=\"tr\"><head><meta charset=\"utf-8\" /><meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\"><title>HATA</title><meta name=\"description\" content=\"\" /><meta name=\"viewport\" content=\"width=device-width, initial-scale=1, shrink-to-fit=no\" /><link rel=\"canonical\" href=\"https://www.airclinic.com.tr\" /> <link rel=\"shortcut icon\" href=\"favicon.ico\" /></head><body style=\"background-image: url(../assets/media/error/bg6.jpg);\"><div><div><div><h1 style=\"margin-top: 12rem;\">Hata Kodu : 429</h1><p></p><p\">Maksimum istek limiti aşılmıştır! Lütfen daha sonra tekrar deneyiniz</p></div></div></div></body></html>",
"ContentType": "text/html",
"StatusCode": 429
},
"GeneralRules": [
{
"Endpoint": "*",
"Period": "30m",
"Limit": 1000
}
]
}
How can I configure or override blockin periond programmatically?
您可以访问控制器内的IP策略存储,修改IP规则如下:
public class RateLimitMiddleware : IpRateLimitMiddleware
{
private readonly ILogger<IpRateLimitMiddleware> _logger;
private readonly IpRateLimitOptions _options;
private readonly IIpPolicyStore _ipPolicyStore;
public RateLimitMiddleware(
RequestDelegate next, IOptions<IpRateLimitOptions> options, IRateLimitCounterStore counterStore, IIpPolicyStore policyStore, IRateLimitConfiguration config, ILogger<IpRateLimitMiddleware> logger
) : base(next, options, counterStore, policyStore, config, logger)
{
policyStore.SeedAsync();
_logger = logger;
_options = options.Value;
_ipPolicyStore = policyStore;
}
//TODO : mail request details
public override Task ReturnQuotaExceededResponse(HttpContext httpContext, RateLimitRule rule, string retryAfter)
{
var message = "Maximum request limit exceeded!";
_logger.LogWarning(message + ". Details : " + httpContext);
httpContext.Response.Headers["Retry-After"] = retryAfter;
httpContext.Response.StatusCode = 429;
httpContext.Response.ContentType = "application/json";
String ip = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
if (string.IsNullOrEmpty(ip))
{
ip = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
}
var pol = _ipPolicyStore.Get(_options.IpPolicyPrefix);
pol.IpRules.Add(new IpRateLimitPolicy
{
Ip = ip,
Rules = new List<RateLimitRule>(new RateLimitRule[] {
rule
})
});
_ipPolicyStore.Set(_options.IpPolicyPrefix, pol);
return SpecificPageMiddleware.ReturnIndexPage(httpContext);
}
}