Best Way To Prevent Visitors From Excessively Requesting Resource-consuming Pages?
Dec 22, 2010
I am a newbie and trying to develop a Yellow-Pages like portal using ASP.NET MVC. I am wondering there will be some bad visitors who excessively request the portal pages to slow down my portal and to block request from other legitimate visitors. My current idea is put a nugget (an embedded code block) in master page to check the interval between two consecutive request. If the interval is less than 5 seconds (for example), I will reject/terminate to render the request.
My question:
What is the best way to handle this issue? If my idea above is applicable to solve this issue, what function must I call to terminate the rendering process (before doing resource-intensive job)?
EDIT 1:
Can we set this on server (IIS settings) globally instead of per application basis?
We have a Web Application (WebApplication A) which is in place and serving fine, we are working on another WebApplication which will use the Engine of Existing Web Application (WebApplication B) to some extent.
Problem: WebApplication A responds when a http request is made for a resource, like LatestPost.aspx, which passes it down to relevant class / Module like FrontManager.cs. I want to know how can we access that Module / class (FrontManager.cs) from WebApplication B, without requesting a Web Page ?
I'm using resources like this; " runat="server" />
Resources are maintained in a database and resourcefiles are generated when new translations are added. Sometimes bad references to keys happens. This results in error on the whole page.
How can I prevent the whole page from crashing when a resource does not exist? I just want a tiny error message where the resource lacks, like "Not found: Users.DetailsUserHeadline".
I also want to dynamically retrieve resources from code behind, by defining the key as a string "Users.DetailsUserHeadline" without any erros.
At the moment in my ASP.NET webApp I have some resources such as some .pdf files or pictures in specific folder in the host . If any user know the URL of those files can access them from the browser , How can i manage access or ban anonymous user from those files ?
Is There Any Way or trick to generate local resource for all pages in visual studio 2010 automatically? I have about 500 pages and UserControls. its hard to generate resource for every page one by one.
I am using custom user membership in asp.NET so user is an object that contains members. One of the user's members is "IsCompanyAdmin".I have a few aspx pages for company administrators only.Is there any way to prevent those pages from non-administrator users using the web.config?
I am developing an ASP.NET website. There are some pages on my sit that I want him to see only if he is a registered user. If not, he should be redirected to the appropriate page. Should I be checking this on the Page_load event that the user is logged in or not?If the user types the name of the URL, this would still work, right?
I have a folder within my website called 'ProtectedPages' which contains pages which users can only see if they have logged in (MyAccount.aspx etc). If they bookmark that page and try to go to it without logging-in, they are immediately bounced to my login page.However, if I have text files, images etc. in there, then it seems users can get to these fine without the need to login - all they need is the URL. For example, I could send the URL http://mysite.com/ProtectedPages/MyAccount.aspx to a friend and he wouldn't be able to access it until he had logged in. However, I could send himttp://mysite.com/ProtectedPages/ATextDocument.txt and it would show it to him without any problems.How would I go about protecting ALL files within this folder? I have a web.config file within the ProtectedPages folder which just has this information in it (I don't want TrainingAdministrator's to have access to that folder at all)
I am using URL Routing in my .Net Web Application. I would like to prevent users from being able to access the .aspx page.
Example:
Actual URL - [URL]
Routed URL - [URL]
I want users to be able to access the page only by going to /Testimonials, but I would like to setup /Testimonials.aspx to redirect to its route at /Testimonials.
Is there an easy way to do this for Routed Pages throughout the application?
i have create web application for school management system...bt when i run my webside...(my welcome page is defaul.aspx bt if i want to acces studentdetail.aspx then i only enter url and i get studentdetail.aspx)
In our web application we need to keep various company's settings. For eg "DiamondProdRefIDCaption","Shippingpickup","ZipCodeCaption","DefaultCountry","AllowToEditInvoice", etcThese settings are different for various companies and are placed in web.config as key-value pair.Initially, we have tried do simplify this process by adding a company_settings table in the DB so as to allow us to add companies on the fly. However, this method makes it very difficult to add a new setting
I have 2 master pages Default.aspx is from Site.Master and some more pages that are from Admin.Master, I have used the code that to prevent the user from going back to previous pages after logout.
Here is my code
function preventBack() { window.history.forward(); } setTimeout("preventBack()", 0); window.onunload = function () { null };
The problem I am facing Admin.
Master page i.e I have Home.aspx, AboutUs.aspx,Admin.aspx,AddItem.aspx I was unable to navigate between those pages also. how to solve this. I have tried other methods also, but still facing same problem.
I just did an audit of one of my web application page (built using ASP.Net and running on development server) using Google chrome's developer tool. One particular warning caught my eyes:
Serve static content from a cookieless domain (5)!
Here is my screen shot [URL] as well. I would like to know is it possible to avoid cookies for these kind of requests. I see that there is no cookie requests for javascript files as well. I it possible to avoid cookies in the header for these files as well? and why didn't the browser attach cookies for javascript files and attach for CSS and image?
I know this probably isn't possible, but I would like to be able to get the Request user ID from within an ASP.NET web service method. So far, I've tried User.Identity.Name, Context.Request.LogonUserIdentity.Name, Request.ServerVariables["AUTH_USER"] and Request.ServerVariables["LOGON_USER"]. Am I tilting at windmills here, or is there something super simple that I'm missing?
I have a page signup.aspx where user can register, how this page will find from which page request came from and how it will redirect user after registration to the requesting page, i want to do this using query string but don't know how PLZ SHOW ME CODES.
I made a custom MembershipProvider to work with Oracle and my own database schema. I also have my own layout of controls and am not using the built in ASP log in controls. I don't even want to use it templatized. Reason being is that I don't want to show all those controls on one page.I want on the top of every page on the siteUsername textbox Password textbox Sign In button Register buttonI created a register form as the first step of trying out my provider. Everything has landed in the database correctly.Now my problem is that when a user clicks the Register button from any page, I need to note what page is requesting the registration form and then send them back when registration is complete. The built in controls seem to automate this behavior, but I do not know how to do it myself.So question is: How can I program the site to remember what page a user came from when clicking a register button, then send the user back when registration is completed?
I have a page signup.aspx where user can register, how this page will find from which page request came from and how it will redirect user after registration to the requesting page, i want to do this using query string but don't know how SHOW ME CODES.
I use a commercial web application that has the ability to use web triggers in order to do additional validation prior to saving its forms. The commercial web application simply makes a request out to whatever asp, php, etc. code that you've written... and in the case of asp.net I've validated forms by pulling variables off of the page.request object and then passed back a success/fail message to the commercial app using JSON.
I would like to use asp.net to display a modal popup control when called, in order to display some options. Because I would be triggering this code from a commercial web app, I'm wondering how I can display the popup control on top of the requesting page? The code I've currently written displays a blank page with my popup control on it. Is it possible for me to display ONLY the popup control when called from another website?
How can i identify just from the HttpContext Object that the HttpRequest coming to my application is from a cookieless application or cookieless browser?