July 23, 2007

Using DotNetNuke Request Filter

DotNetNuke introduced a request filter option starting with DotNetNuke 4.5.3 that can allow you to take action on a user based on various request parameters. In this article I will walk you through how to setup the request filter to filter out requests from a specific IP address and will discuss in general what the settings are. In this example we will be placing a filter to block all traffic from a user with an IP of and we will redirect them to google.com.

Getting to the setting

First of all to access this setting you must login as host and go to "Host Settings". Then you will need to expand the "Advanced Settings" section and then finally expand the "Request Filter Settings"

Request filter settings

To start out you will want to enable the request filter by checking the "Enable Request Filter?" checkbox, you can then proceed to the next section where we will actually configure the rule.

Configuring the New Rule

Below we will walk though creating the filter for our specific scenario listed above and we will also discuss the possible other values for each property as we progress.

  1. Click on "Add New Rule" to get to the add page
    Add Request Filter
  2. Enter "REMOTE_ADDR" for the "Server Variable" value. This can be any of the publicly visible server variables that are exposed via the request object.
  3. Select "Regex" from the operation drop down as this will allow for more robust matching. (Note: other values include equals and not equals for direct matching)
  4. Enter "13\.12\.15\.45" for the match value. Since this is a Regex value we must excape the .'s with \ characters. You can user a wildcard character if needed to expand the filter rather than this direct match
  5. Leave the "Action" as "Redirect", this will redirect the user via a temporary redirect. You may also choose to show "Not Found" or to do a "Permanent Redirect" to do a 301 redirect
  6. Enter "http://www.google.com" into the location, this is the desired location to send the user
    Populated Request Filter
  7. Click on "Add New Rule" to complete the process

This has completed the setup for the rule so any user that visits the website with a remote address of will be directed to google.com instead of the homepage and they will never see any page content.


As you can see from the screen captures above DotNetNuke reminds you that it is VERY important to NOT mess up these values when you are inputting them because if you do you could potentially bring down your site. I cannot stress the importance of this! The good news is that rules are stored in the DotNetNuke.config file and can be changed easily.

Used correctly this feature can be used to help ban heavy spammers and other users that cause problems on your websites. Please feel free to share your comments below.

tags: DNN, Tutorials
comments powered by Disqus

Content provided in this blog is provided "AS-IS" and the information should be used at your own discretion.  The thoughts and opinions expressed are the personal thoughts of Mitchel Sellers and do not reflect the opinions of his employer.

Content Copyright

Content in this blog is copyright protected.  Re-publishing on other websites is allowed as long as proper credit and backlink to the article is provided.  Any other re-publishing or distribution of this content is prohibited without written permission from Mitchel Sellers.