1
我试图阻止所有IP地址特定的URL页面(http://www.testdomain.com/login),除了内部管理员IP地址。我没有任何问题阻止登录但我想在本地进行测试以确保内部管理IP从/ login url的阻止规则中排除。看看我迄今为止... IIS |除特定的内部IP地址以外的阻止页面特定的URL
<rewrite>
<rules>
<rule name="RequestBlockingRule1" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*login*" negate="false" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="true">
<add input="{HTTP_X_Forwarded_For}" pattern="92.102.130.65" />
</conditions>
<action type="None" />
</rule>
<rule name="RequestBlockingRule2" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions>
<add input="{URL}" pattern="*login*" />
</conditions>
<action type="CustomResponse" statusCode="404" statusReason="File or directory not found." statusDescription="The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable." />
</rule>
我也希望是重复相同的规则,但对于http://www.testdomain.com/home.aspx查询字符串?CTL =登录
<rule name="RequestBlockingRule3" enabled="true" patternSyntax="Wildcard" stopProcessing="true">
<match url="*ctl=login*" negate="false" />
<conditions logicalGrouping="MatchAny" trackAllCaptures="true">
<add input="{HTTP_X_Forwarded_For}" pattern="93.107.170.85" />
</conditions>
<action type="None" />
</rule>
<rule name="RequestBlockingRule4" patternSyntax="Wildcard" stopProcessing="true">
<match url="*" />
<conditions>
<add input="{QUERY_STRING}" pattern="*ctl=login*" />
</conditions>
<action type="CustomResponse" statusCode="404" statusReason="File or directory not found." statusDescription="The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable." />
</rule>
</rules>
</rewrite>
我有什么完成尝试排除特定模式的内部IP,然后跟随实际的阻止规则。有人知道a)更好的选择,或b)看看我可能会或可能没有做错(理想情况下,我想在本地测试这些规则,然后在使用真实IP地址的实际服务器上使用它们)。由于
感谢维克多,是的伟大工程在当地规矩!太多清洁剂了。 – denisjoconnor