Last post May 12, 2018 06:43 AM by Brando ZWZ
May 08, 2018 08:38 PM|Krissh Parthi|LINK
I have developed a Web API application using .net core 1.0 "version": "1.0.5" and deploying on Azure web app.
Currently, I'm facing a problem with an API endpoint when the user hits the endpoint concurrently. So for my CPU/DTU percentage increase above 60 to 100. For that, I should restrict that user when he hit's an API endpoint concurrently. I don't have any
idea to restrict those IP. I'm very new to this issue.
Can anyone please help me to resolve this issue?
When he hit's the API endpoint concurrently I should block those IP for the limited duration.
May 09, 2018 02:55 AM|Brando ZWZ|LINK
Hi Parthiban K，
According to your description, I suggest you could try to enable Dynamic IP Restrictions module on the azure web app.
The DIPR feature provides two main protections for developers:
Developers can additionally configure DIPR behavior such as the type of failure HTTP status code sent back on blocked requests.
In Azure Web Sites a developer configures DIPR using configuration sections added to the web.config file located in the root folder of the website.
If you want to block connections based on the number of concurrent requests (i.e. active requests currently in flight at any moment in time), add the following configuration snippet to a website’s web.config file.
More details ,you could refer to below article.
May 09, 2018 04:56 AM|Krissh Parthi|LINK
I applied this solution to my web.config file. It is not working for me. I just want to know whether it is applicable to normal
dot net framework(3.5,4.5, etc) or applicable for dot net core 1.0 framework or later version as well?
May 12, 2018 06:43 AM|Brando ZWZ|LINK
Hi Parthiban K,
As far as I know, the Dynamic IP Restrictions setting is IIS setting.
Both asp.net and asp.net core application could work well with Dynamic IP Restrictions.
Here I have publish asp.net core razor page application and add below web config.
<?xml version="1.0" encoding="utf-8"?>
<!-- To customize the asp.net core module uncomment and edit the following section.
For more info see https://go.microsoft.com/fwlink/?linkid=838655 -->
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified"/>
<aspNetCore processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" stdoutLogEnabled="false" stdoutLogFile=".\logs\stdout" />
<denyByConcurrentRequests enabled="true" maxConcurrentRequests="2"/>
<denyByRequestRate enabled="true" maxRequests="5" requestIntervalInMilliseconds="10000" />
I have send multiple request to azure web app in fiddler.
You could find it return 403.