Asp. Net core how to set black and white lists (routing restrictions)

Time:2022-7-28

In the original aspnetmvc, we will use route access restrictions, and write the following in appstart/routeconfig.cs:


routes.IgnoreRoute("{resource}.axd/{*pathInfo}");

However, routeconfig no longer exists in aspnet core MVC CS. How can we achieve the same effect in aspnet core MVC?

The middleware we need to use here is urlfirewall

1) Description:

Urlfirewall is an open source, lightweight middleware for filtering HTTP requests, which can be used in webapi or gateway

2) Introduction:

Urlfirewall is an HTTP request filtering middleware, which can be matched with the gateway (Ocelot) to shield the external network from accessing the internal interface, and only allow the internal interfaces to communicate with each other without being exposed to the outside. It supports blacklist mode and whitelist mode, and supports custom HTTP request response code. It has good scalability, and can realize the verification logic by itself, and realize the retrieval of rules from the database or redis cache and other media

3) Use:

1] , add components from nuget to your asp Net core project


Install-Package UrlFirewall.AspNetCore

2] , configure di configureservices in startup.cs


services.AddUrlFirewall(options =>
            {
                options.RuleType = UrlFirewallRuleType.Black;
                options.SetRuleList(Configuration.GetSection("UrlBlackList"));
                options.StatusCode = HttpStatusCode.NotFound;
            });

3] , configure the middleware at startup Configure in CS

app. UseUrlFirewall();// Enable firewall to open blacklist request path
if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
                //HttpContext
                app.UseStaticHttpContext();
            }
            else
            {
                app.UseExceptionHandler("/Home/Error");
                app.UseHsts();
            }

4] , rooted in the configuration.getsection (“urlblacklist”) in 2, we need to add the following configuration in the appsettings.json/appsettings.devolopment.json file of the used section name · urlblacklist

{
"Logging": {
    "LogLevel": {
      "Default": "Information",
      "Microsoft": "Warning",
      "Microsoft.Hosting.Lifetime": "Information"
    }
  },
  //Firewall filters this type of access
  "UrlBlackList": [
    {
      "Url": "{resource}.axd/{*pathInfo}",
      "Method": "All"
    }
  ]
}

In this way, the.Axd on our server will not be requested

This is about asp Net core how to set the black-and-white list (routing restrictions) article is introduced here, more related to asp Net core settings routing black and white list content, please search the previous articles of developeppaer or continue to browse the relevant articles below. I hope you will support developeppaer in the future!

Recommended Today

JS generate guid method

JS generate guid method https://blog.csdn.net/Alive_tree/article/details/87942348 Globally unique identification(GUID) is an algorithm generatedBinaryCount Reg128 bitsNumber ofidentifier , GUID is mainly used in networks or systems with multiple nodes and computers. Ideally, any computational geometry computer cluster will not generate two identical guids, and the total number of guids is2^128In theory, it is difficult to make two […]