DotNetNuke introduced a request filter option starting with DotNetNuke 4.5.3 that can allow you to take action on a user based on various request parameters. In this article, I will walk you through how to set up the request filter to filter out requests from a specific IP address and will discuss in general what the settings are. In this example, we will be placing a filter to block all traffic from a user with an IP of 13.12.15.45 and we will redirect them to google.com.
Getting to the setting
First of all to access this setting you must login as host and go to "Host Settings". Then you will need to expand the "Advanced Settings" section and then finally expand the "Request Filter Settings"
To start out you will want to enable the request filter by checking the "Enable Request Filter?" checkbox, you can then proceed to the next section where we will actually configure the rule.
Configuring the New Rule
Below we will walk through creating the filter for our specific scenario listed above and we will also discuss the possible other values for each property as we progress.
- Click on "Add New Rule" to get to the add page
- Enter "REMOTE_ADDR" for the "Server Variable" value. This can be any of the publicly visible server variables that are exposed via the request object.
- Select "Regex" from the operation drop down as this will allow for more robust matching. (Note: other values include equals and not equals for direct matching)
- Enter "13\.12\.15\.45" for the match value. Since this is a Regex value we must excape the .'s with \ characters. You can user a wildcard character if needed to expand the filter rather than this direct match
- Leave the "Action" as "Redirect", this will redirect the user via a temporary redirect. You may also choose to show "Not Found" or to do a "Permanent Redirect" to do a 301 redirect
- Enter "http://www.google.com" into the location, this is the desired location to send the user
- Click on "Add New Rule" to complete the process
This has completed the setup for the rule so any user that visits the website with a remote address of 13.12.15.45 will be directed to google.com instead of the homepage and they will never see any page content.
Warnings!
As you can see from the screen captures above DotNetNuke reminds you that it is VERY important to NOT mess up these values when you are inputting them because if you do you could potentially bring down your site. I cannot stress the importance of this! The good news is that rules are stored in the DotNetNuke.config file and can be changed easily.
Used correctly this feature can be used to help ban heavy spammers and other users that cause problems on your websites. Please feel free to share your comments below.