如何确保Elmah使用ASP.NET和IIS 5.1 URL路由
[英]How to secure Elmah working with ASP.NET and IIS 5.1 URL Routing
问题描述
This question builds on the following question: How to get Elmah working with ASP.NET and IIS 5.1 URL Routing 
这个问题建立在以下问题的基础上: 如何让Elmah使用ASP.NET和IIS 5.1 URL路由
The solution suggested there worked, as long as elmah.axd is off of the root of the site. 解决方案建议有效,只要elmah.axd不在网站的根目录下。 What if you want to secure the site as blogged here: Securely Implement ELMAH For Plug And Play Error Logging ? 如果您想以此处博客保护网站该怎么办: 安全地实施ELMAH即插即用错误记录 ?
Moving elmah.axd to /admin/elmah.axd breaks the Fix IIS 5x Wildcard Mapping Module. 将elmah.axd移动到/admin/elmah.axd会破坏Fix IIS 5x通配符映射模块。
My workaround was just to secure "elmah.axd" instead of "admin," like: 我的解决方法是保护“elmah.axd”而不是“admin”,如:
<location path="elmah.axd">
<system.web>
<authorization>
<deny users="?"/>
</authorization>
</system.web>
</location>
Although this works, I feel that there's got to be a more elegant solution. 虽然这有效,但我觉得必须有一个更优雅的解决方案。 Any thoughts? 有什么想法吗?
3 个解决方案
解决方案1
3 2010-02-24 00:31:40
You can also rename elmah.axd to something less obvious. 你也可以将elmah.axd重命名为不太明显的东西。 The name is configurable in your web.config. 该名称可在web.config中配置。
解决方案2
1 已采纳 2010-02-23 23:59:21
That's the same solution I use in my projects. 这与我在项目中使用的解决方案相同。 Anything else more "elegant" would be a lot more complicated and unnecessary. 任何更“优雅”的东西都会变得更加复杂和不必要。
It does the trick and is simple, I'd keep it like that if I was you :-) 这样做很简单,如果我是你,我会保持这样:-)
解决方案3
1 2010-09-17 02:01:50
To add to @Todd Smith's answer: 添加到@Todd Smith的答案:
If you want to rename your elmah.axd, all you need to do is to change the name in the handler. 如果要重命名elmah.axd,您需要做的就是更改处理程序中的名称。
<add name="Elmah" path="ANY_NAME_YOU_LIKE.axd" verb="POST,GET,HEAD" type="Elmah.ErrorLogPageFactory, Elmah"/>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.