ViewState DoS ban module

Posted at Sun, 05 Mar 2006 22:26:14 GMT by Wilco Bauwer

Once in a while I'm getting a lot of requests that post an invalid viewstate (sometimes entire e-mails - what are they thinking?). Since I'm kind of fed up logging all this spam, I decided to put together a little HTTP module that temporarily stops processing such requests. To use this, head over to the toolbox and get the latest version of Wilco.Web. Add the library to your website and add the following to your web.config:

ASP.NET:

1 
2 
3

<httpModules>
  <add name="ViewStateDosBan" type="Wilco.Web.ViewStateDosBanModule, Wilco.Web" />
</httpModules>

In a nutshell, the module keeps a list of requests which resulted in a ViewStateException. This list is stored in the cache with an absolute expiration time of 2 minutes. When a request is made by a client that already resulted in at least 5 ViewStateExceptions, the request is ended immediately.

Talk back

Re: ViewState DoS ban module

Posted at Sat, 08 Nov 2008 08:25:29 GMT by Matthew

Website: http://www.safarinow.com

I have this issue, but how do you identify the 'client'? IP? From my logs the IP's are spoofed between requests...

Your message will be encoded/formatted when it is displayed. If you want to post code, please put the code inside [code=X][/code] tags, where X is the language of your code (C#, ASPX, SQL, etc).

Name: *

Email:

(will be encoded using JavaScript to keep it functional and prevent it from being picked up by spammers)

Url:

Remember me

Message: *

3 + 3 =