我想阻止像abc,xyz.co.uk这样的域名列表访问我的asp网站,同时浏览来自该域名的链接或通过该域名上的任何脚本。所需的结果,它将给出尝试从某个域远程访问我们网站的脚本的403响应 - 或者如果通过浏览器从该域的链接访问它。 我想阻止域而不是IP,因为IP可以动态更改。 我可以使用referer头,但不能总是依赖它发送(或正确) 注意:我的ASP.NET网站托管在IIS 7.5上。 问候, Habib
I want to block a list of domains like abc, xyz.co.uk to access my asp website while browsing from a link from that domain or via any script on that domain. The desired result, it will give the 403 response to scripts that try and remotely access our website from a certain domain - or if it is accessed via a browser from a link from that domain. I want to block domains not IPs because IPs may be dynamically changed. I can use the referer header, but can't depend on it always being sent (or being correct) Note: My ASP.NET website hosted on IIS 7.5. Regards, Habib
推荐答案Quote:
我可以使用referer标题,但不能依赖它始终被发送(或正确)
I can use the referer header, but can't depend on it always being sent (or being correct)
这是真的。除了标题之外,您几乎没有机会知道用户之前访问过的页面。这是网站的基本概念,不容易改变。您可以预先假设大多数浏览器将发送正确的标头,并使用它来阻止访问。 如果这还不够,您可以检查网站在计算机上放置的cookie然后检查这些cookie是否存在。除了这些可能的解决方案,我没有看到任何其他方法。 出于好奇:你为什么需要这个功能?
This is true. Apart from the header, you got nearly no chance to know which page the user visited previously. This is a basic idea of websites, and is not easy to be changed. You can pre-assume that most of the browsers will send the correct header, and use it to block the access. If this isn't enough you can examine what cookies a web site places on the computer and then check whether these cookies do exist. I don't see any other approach apart from these possible solutions. Just out of curiosity: Why do you need this feature?
更多推荐
阻止来自asp.net网站的域名
发布评论