stackoom
  简体   繁体   中英

In asp.net MVC, How to prevent webrequest to a particular controller?

 原文  2017-10-26 09:16:37       c#/ asp.net/ asp.net-mvc/ asp.net-mvc-4/ nopcommerce

Question

I have an e-commerce website on top of NopCommerce platform where there was an SMS resend OTP service written in MVC Controller (www.mysite.com/customer/resendotp).

A week ago someone started attacking this URL via different IP addresses to send OTP messages. So we renamed our MVC controller to newresendotp (www.mysite.com/customer/newresendotp).

Now unfortunately the attack is still going on to our old mvc controller. I want to prevent all requests to this MVC controller. How do I do that?

1 answers

solution1
 1  2017-10-26 10:10:30

How about blocking the request in IIS by adding the url to the old controller (www.mysite.com/customer/resendotp) as a Request Blocking rule?

https://docs.microsoft.com/en-us/iis/extensions/url-rewrite-module/request-blocking-rule-template

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question WebRequest will not pass headers when used from within ASP.NET MVC controller How to provide access of action methods for particular user in a controller in asp.net mvc How to enable custom http module for a particular controller in ASP.NET MVC 3 How-to prevent CSRF / XSRF in ASP.NET Core MVC App Web API Controller How to prevent an asp.net mvc controller from being instantiated and executed Uploading Data and File via WebRequest to ASP.NET MVC 3 action using c# webrequest to interact with an asp.net mvc 3 website How to prevent MVC Core to add some undesired packages while creating a new controller in ASP.Net MVC Core? How to pass objects using WebRequest (without model) to External Web Api ASP.NET MVC How to set Default Controller in asp.net MVC 4 & MVC 5
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM