async Task DefendRequest(object sender, EventArgs e)
{
var context = ((HttpApplication)sender).Context;
Hacker.Result result = await HackerSprayWebDefence.DefendURL(context);
var resultName = Enum.GetName(typeof(Hacker.Result), result);
if (result != Hacker.Result.Allowed)
{
context.Response.StatusCode = (int)HttpStatusCode.NotAcceptable;
context.Response.StatusDescription = resultName;
context.Response.End();
}
}
public static async Task <Hacker.Result> DefendURL(HttpContext context)
{
Hacker.Result result = Hacker.Result.Allowed;
Stopwatch watch = new Stopwatch();
watch.Start();
if (!Initialized)
{
lock (lockObject)
{
if (!Initialized)
{
Hacker.Logger = new TraceLogger();
Hacker.Logger.LogInformation(ClassName + ' ' + "Initialize");
Hacker.Store = new RedisDefenceStore(HackerSprayConfig.Settings.Redis,
HackerSprayConfig.Settings.Prefix,
Hacker.Config);
Hacker.Logger.LogInformation(ClassName + ' ' + " Initialized");
Initialized = true;
}
}
}
// This handles load balancers passing the original client IP
// through this header.
// WARNING: If your load balancer is not passing original client IP
// through this header, then you will be blocking your load balancer,
// causing a total outage. Also ensure this Header cannot be spoofed.
// Your load balancer should be configured in a way that it does not accept
// this header from the request, instead it always sets it itself.
var originIP = context.Request.GetClientIp();
foreach (var path in HackerSprayConfig.Settings.Paths)
{
if ((path.Post && context.Request.HttpMethod == "POST") ||
(!path.Post && context.Request.HttpMethod == "GET") &&
path.Name == context.Request.Path)
{
Hacker.Logger.LogDebug(ClassName + ' ' + "Path matched: " + context.Request.Path);
if (path.Mode == "key")
{
result = await Hacker.DefendAsync(context.Request.Path, originIP,
path.Interval, path.MaxAttempts,
TimeSpan.MaxValue, long.MaxValue,
TimeSpan.MaxValue, long.MaxValue);
if (result == Hacker.Result.TooManyHitsOnKey)
{
Hacker.Logger.LogInformation(ClassName + ' ' + "TooManyHitsOnKey Blacklist Path: " + context.Request.Path);
await Hacker.BlacklistKeyAsync(path.Name, path.Interval);
}
}
else if (path.Mode == "origin")
{
result = await Hacker.DefendAsync(context.Request.Path, originIP,
TimeSpan.MaxValue, long.MaxValue,
path.Interval, path.MaxAttempts,
TimeSpan.MaxValue, long.MaxValue);
if (result == Hacker.Result.TooManyHitsFromOrigin)
{
Hacker.Logger.LogInformation(ClassName + ' ' + "TooManyHitsFromOrigin Blacklist origin: " + originIP);
await Hacker.BlacklistOriginAsync(originIP, path.Interval);
}
}
else //(path.Mode == "key+origin")
{
result = await Hacker.DefendAsync(context.Request.Path, originIP,
TimeSpan.MaxValue, long.MaxValue,
TimeSpan.MaxValue, long.MaxValue,
path.Interval, path.MaxAttempts);
}
break;
}
}
watch.Stop();
Hacker.Logger.LogDebug(ClassName + ' ' + "DefendURL: " + context.Request.Path + " " + watch.ElapsedMilliseconds);
return(result);
}