Last post Oct 18, 2017 05:57 AM by Yuppski
May 02, 2017 01:04 PM|Yuppski|LINK
I've developed a ASP.net Web Site using VS2010 .Net 4 using c#
The site has been published for approx. 6 years with constant development enhancments taking place.
Its being hosted on a Windows 2008 R2 Server Standard Version 6.1 (Build 7601: Service Pack 1)
In my VS2010 project I have a file called:-
and an Event:-
This event emails me relavant information when the application encounters an exception.
Within the last couple of months I experienced a barrage of emails within a matter of seconds of exceptions
The url that's being accessed are like:-
The IP address have been traced to some Eastern Block country and have been blocked.
Can I protect the site from within the code from such attacks? If an examples?
Can I somehow stop the access to the
Hope that makes sense
May 03, 2017 07:44 AM|Eric Du|LINK
After read your issue, as far as I know, this issue is related to the access authorization of the file. you could add limitation in the web.config.
Here is the tutorial about how to limit the user to access the file, please check:
Setting authorization rules for a particular page or folder in web.config:
How To Restrict Specific Users from Gaining Access to Specified Web Resources:
Oct 18, 2017 05:57 AM|Yuppski|LINK
Just as a follow up on this.
We have not been aware of any hack attempts since we added the following in the Web.config:-
<remove path="WebResource.axd" verb="GET"/>
<remove path="WebResource.axd" verb="POST"/>
<remove path="ScriptResource.axd" verb="GET"/>
<remove path="ScriptResource.axd" verb="POST"/>