예제 #1
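        /// <summary>
        /// Counts the current request against the caller's throttle entry and reports whether
        /// the caller has used up its request budget.
        /// </summary>
        /// <param name="requestInfo">Request details; used here only to derive the cache key.</param>
        /// <returns>
        /// <c>ShouldBlockClient</c> is <c>true</c> when the cached entry already holds
        /// <c>AllowedRequests</c> counted requests; <c>ThrottleInfo</c> is the entry that was stored.
        /// </returns>
        /// <remarks>
        /// NOTE(review): how <c>GetCacheKey</c> identifies a client is not visible here; the limit is
        /// only as strong as that key, so verify it is not built from values the client controls.
        /// NOTE(review): the cached entry is read, mutated and re-added with no synchronization
        /// visible in this method, so concurrent requests for one key may under-count — confirm
        /// whether the cache service or the caller serializes access.
        /// </remarks>
        public (bool ShouldBlockClient, ThrottleInfo? ThrottleInfo) IsDosAttack(AntiDosFirewallRequestInfo requestInfo)
        {
            var key = GetCacheKey(requestInfo);

            // NOTE(review): this expiry is recomputed on every call and passed to every Add below,
            // while ThrottleInfo.ExpiresAt is assigned only when the entry is created. If Add
            // replaces the entry's expiry, the reset time reported to clients can be earlier than
            // the real one — confirm against _cacheService.Add and GetCacheExpiresAt.
            var expiresAt = GetCacheExpiresAt();

            // First request for this key (or a null entry): start a new counter.
            if (!_cacheService.TryGetValue<ThrottleInfo>(key, out var clientThrottleInfo) || clientThrottleInfo is null)
            {
                clientThrottleInfo = new ThrottleInfo
                {
                    RequestsCount = 1,
                    ExpiresAt = expiresAt
                };
                _cacheService.Add(key, clientThrottleInfo, expiresAt, size: 1);
                return (false, clientThrottleInfo);
            }

            // RequestsCount holds the requests counted BEFORE this one, so the budget is spent as
            // soon as it reaches AllowedRequests. Comparing with '>' let one extra request through
            // after X-RateLimit-Remaining had already dropped to 0.
            if (clientThrottleInfo.RequestsCount >= _antiDosConfig.Value.AllowedRequests)
            {
                clientThrottleInfo.BanReason = "IsDosAttack";
                _cacheService.Add(key, clientThrottleInfo, expiresAt, size: 1);
                return (true, clientThrottleInfo);
            }

            clientThrottleInfo.RequestsCount++;
            _cacheService.Add(key, clientThrottleInfo, expiresAt, size: 1);
            return (false, clientThrottleInfo);
        }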
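        /// <summary>
        /// Writes the rate-limit response headers (<c>X-RateLimit-Limit</c>, <c>X-RateLimit-Remaining</c>,
        /// <c>X-RateLimit-Reset</c>, <c>Retry-After</c>) for the given throttle entry.
        /// </summary>
        /// <param name="context">Current HTTP context whose response headers are set.</param>
        /// <param name="throttleInfo">Throttle entry for the caller; nothing is written when it is null.</param>
        private void addResetHeaders(HttpContext context, ThrottleInfo throttleInfo)
        {
            if (throttleInfo is null)
            {
                return;
            }

            // Header values are machine-readable, so format them culture-independently.
            var invariant = System.Globalization.CultureInfo.InvariantCulture;
            var allowedRequests = _antiDosConfig.Value.AllowedRequests;
            var requestsRemaining = Math.Max(allowedRequests - throttleInfo.RequestsCount, 0);

            context.Response.Headers["X-RateLimit-Limit"] = allowedRequests.ToString(invariant);
            context.Response.Headers["X-RateLimit-Remaining"] = requestsRemaining.ToString(invariant);

            // X-RateLimit-Reset carries the absolute reset time as Unix seconds.
            context.Response.Headers["X-RateLimit-Reset"] = throttleInfo.ExpiresAt.ToUnixTimeSeconds().ToString(invariant);

            // Retry-After takes a delay in seconds (or an HTTP-date), not an epoch timestamp:
            // copying the Unix time here told clients to wait for decades. Send the remaining
            // seconds until the reset instead, rounded up and never negative.
            var secondsUntilReset = Math.Max(
                (long)Math.Ceiling((throttleInfo.ExpiresAt - DateTimeOffset.UtcNow).TotalSeconds),
                0L);
            context.Response.Headers["Retry-After"] = secondsUntilReset.ToString(invariant);
        }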