Monday, November 17, 2008

How to Block Country and IP Addresses in ASP.NET using HTTPModule?

Problem

Recently, we noticed in our web traffic report some very suspicious activities so we decide to block certain ip addresses. Now there are many ways block ip addresses like at Windows server level, using IIS and at ASP.NET level.

First two choices works only if the person had access to the server and it becomes problem if one does not have access to the server and blocking IP address in ASP.NET becomes only choice.

References used to research and learn

Custom configuration sections
Creating ASP.NET HTTPModule
Restful API for finding out IP address's country

Assumption

1) The reader is familiar with ASP.NET
2) Wants to learn about HTTPModule, and Custom Configuration Sections

About the project

Download: IPBlocker.zip source

Here are the features of IPBlocker:

0) Rule is if the IP address is in denied list or ip address is not in granted list it will be blocked. Also, IP address will be checked against all the defined blocking scheme in the configuration until ip is blocked. If the IP is granted access and not in blocked list IP address will be granted.

1) IP Address can contain * as wild character.
i.e. <ip value="127.0.0.1" access="granted" valueType="IpAddress" />

2) Range of IP address can be specified.
i.e. <ip value="127.0.0.1;127.0.0.200" access="denied" valueType="IpRange" />

3) Can block country.
i.e. <ip value="IN;US" access="denied" valueType="CountryCode" />

4) Multiple IP address blocking scheme can be defined.
i.e. grant all ip from 127.0.0.1 through 127.0.0.255 EXCEPT 127.0.0.20 through 127.0.0.25.
<ip value="127.0.0.*" access="granted" valueType="IpAddress" />
<ip value="127.0.0.20;127.0.0.25" access="denied" valueType="IpRange" />

Here is sample configuration



<IpBlockerGroup>


  <IpBlockerConfiguration>


 


    <pages defaultScheme="blockIp">


      <page name="contactus.aspx" />


      <page name="home.aspx" scheme="blockIpRange" />


      <page name="aboutus.aspx" scheme="blockCountry" />


    </pages>


 


    <schemes>


      <!-- Used for Load Test -->


      <scheme name="blockIp">


        <ips>


          <!-- Use * as wild card -->


          <ip value="*.*.*.*" access="granted" valueType="IpAddress" />


          <!-- min value and max value seperated by ; (i.e. 127.1.2.3;233.3.3.2) -->


          <ip value="127.0.0.1;127.0.0.2" access="denied" valueType="IpRange" />


          <!-- ; seperated country code (i.e. IN;US) -->


          <ip value="IN;US" access="denied" valueType="CountryCode" />


        </ips>


      </scheme>


    </schemes>


 


  </IpBlockerConfiguration>


</IpBlockerGroup>




Requirements

1) VS2008
2) .Net 3.5

Step by step instruction

In web.config, add to configSections:



<sectionGroup name="IpBlockerGroup">


  <section


    name="IpBlockerConfiguration"


    type="IpBlocker.Configuration.IpBlockerConfigurationSection, IpBlocker"


    allowLocation="true"


    allowDefinition="Everywhere" />


</sectionGroup>




Add to configuration



<IpBlockerGroup>


  <IpBlockerConfiguration>


    <pages defaultScheme="blockCountry">


      <page name="contactus.aspx" />


    </pages>


    <schemes>


      <!-- Used for Load Test -->


      <scheme name="blockCountry">


        <ips>


          <!-- Use * as wild card -->


          <!--<ip value="*.*.*.*" access="granted" valueType="IpAddress" />-->


          <!-- min value and max value seperated by ; (i.e. 127.1.2.3;233.3.3.2) -->


          <!--<ip value="127.0.0.1;127.0.0.2" access="denied" valueType="IpRange" />-->


          <!-- ; seperated country code (i.e. XX;IN;US) -->


          <ip value="IR;RU;SA;IN" access="denied" valueType="CountryCode" />


        </ips>


      </scheme>


    </schemes>


  </IpBlockerConfiguration>


</IpBlockerGroup>




That it for running the module. Let's look at what is happening at more detailed level.



public class IpBlockerModule : IHttpModule


{


  public IpBlockerModule()


  {


  }


 


  public void Init(HttpApplication context)


  {


    context.BeginRequest += new EventHandler(Context_BeginRequest);


  }


 


  public void Dispose()


  {


  }


 


  private void Context_BeginRequest(object sender, EventArgs e)


  {


    IpBlockerConfigurationSection config = ConfigurationManager.GetSection("IpBlockerGroup/IpBlockerConfiguration") as IpBlockerConfigurationSection;


    HttpApplication application = sender as HttpApplication;


    string aspxPageName = System.IO.Path.GetFileName(application.Request.Url.AbsolutePath).ToUpper();


 


    PageElement page = config.Pages[aspxPageName];


    if (page != null && config.Schemes[config.Pages[aspxPageName].Scheme].CanBlockIp(application.Request.UserHostAddress))


    {


      // Blocking process


      application.Response.StatusCode = 404;


      application.Response.SuppressContent = true;


      application.Response.End();


    }


  }


 


}




IpBlockerModule listens to BeginRequest and checks to see if IP is granted to proceed for the specific page. Notice that in configuration Every page can have different IP blocking scheme. The reason why IP is blocked on specific page is because page like contact page that has email submission can be protected while other pages are not.

Conclusion

This module was developed out of need because even with captcha we had our contact page visited by some very starge ips performing very strange things. Also, it was good practice in creating HTTPModule and creating custom configuration.

Sunday, November 2, 2008

How to perform basic SEO for the web site?

Problem

We would like to educate everyone with some of technique that we use to increase our customers web sites rank and traffic.

First, performing SEO on the web site is not new or is it kept secret that only our company knows about it.

Second, it takes understanding of what SEO tools are available out there and how to properly use those SEO tools make differences.

References used to research and learn

what Google says about SEO
Very useful SEO tool

Assumption

1) Users are not familiar with SEO and wants to know more.

Explanation

Google Analytics
In order to understand the traffic behavior we use Google Analytics and we provide access to all our customers so they can view the traffics as well. Google Analytics provides very rich information about the web traffics such as what key words are used by the users to come to the site, where the users are accessing the web site, what browsers, how long the users are on the web site, what the users are viewing and more.

Webmaster Tool
In order to further optimize the web sites we have we use Google webmaster tool which allows to see external links backlinks, what kind of key words Google sees, when Google indexed the web sites and more...

Google AdSense
Google AdSense provides many useful tools like how much the key words cost, typical search volume of the key words trying to SEO, and do advertising based on Click Per Cost model and more...

SEO check list
Then we go through the SEO check list for all our customers.

Content matter!
Ultimately, content really matters with SEO no matter what. We constantly analyze Google Analytics and Google web master tool and modify our customers' web site contents. Also we provide suggestions to our customers to add new contents in certain ways that the key words can standout.

Blog helps
Blog is one of the easiest way to drive traffics to the web sites especially if the blogs are useful. Also having useful blog can help create very valuable backlinks to very important sites. For example, one of the blog that we wrote has backlinks to Microsoft and other very important developers in the community. Having such backlink helps with SEO.

Conclusion

Some of our customers were contacted by unknown company promising all kinds of SEO utopia like creating backlinks to gurantee #1 rank. Google clearly states that NO ONE CAN guarantee #1 Google rank with specific key words. Google rank is something that takes lots of hard work using many of the tools provided above and constantly analyzing data and tweaking pages and also contributing relevant contents to the community using things like blog.

We are always email or phone call away from answering our customers' questions of what all this SEO stuff means :)