Using DotNetNuke Request Filter > Mitchel's Personal Web Portal

Current Articles | Categories | Search | Syndication

Using DotNetNuke Request Filter
By Mitchel Sellers on Monday, July 23, 2007 @ 9:01 AM

1539 Views :: 17 Comments ::

DotNetNuke introduced a request filter option starting with DotNetNuke 4.5.3 that can allow you to take action on a user based on various request parameters. In this article I will walk you through how to setup the request filter to filter out requests from a specific IP address and will discuss in general what the settings are. In this example we will be placing a filter to block all traffic from a user with an IP of 13.12.15.45 and we will redirect them to google.com.

Getting to the setting

First of all to access this setting you must login as host and go to "Host Settings". Then you will need to expand the "Advanced Settings" section and then finally expand the "Request Filter Settings"

To start out you will want to enable the request filter by checking the "Enable Request Filter?" checkbox, you can then proceed to the next section where we will actually configure the rule.

Configuring the New Rule

Below we will walk though creating the filter for our specific scenario listed above and we will also discuss the possible other values for each property as we progress.

Click on "Add New Rule" to get to the add page
Enter "REMOTE_ADDR" for the "Server Variable" value. This can be any of the publicly visible server variables that are exposed via the request object.
Select "Regex" from the operation drop down as this will allow for more robust matching. (Note: other values include equals and not equals for direct matching)
Enter "13\.12\.15\.45" for the match value. Since this is a Regex value we must excape the .'s with \ characters. You can user a wildcard character if needed to expand the filter rather than this direct match
Leave the "Action" as "Redirect", this will redirect the user via a temporary redirect. You may also choose to show "Not Found" or to do a "Permanent Redirect" to do a 301 redirect
Enter "http://www.google.com" into the location, this is the desired location to send the user
Click on "Add New Rule" to complete the process

This has completed the setup for the rule so any user that visits the website with a remote address of 13.12.15.45 will be directed to google.com instead of the homepage and they will never see any page content.

Warnings!

As you can see from the screen captures above DotNetNuke reminds you that it is VERY important to NOT mess up these values when you are inputting them because if you do you could potentially bring down your site. I cannot stress the importance of this! The good news is that rules are stored in the DotNetNuke.config file and can be changed easily.

Used correctly this feature can be used to help ban heavy spammers and other users that cause problems on your websites. Please feel free to share your comments below.


	Share/Save This Article
	Use the below controls to save this article to one of many popular social bookmarking sites!


	Article Rating
	12345

Article Comments

By Ed DeGagne @ Tuesday, July 24, 2007 6:09 AM

Great article Mitchel!!

By Vitaly Kozadayev @ Wednesday, July 25, 2007 4:28 AM

This new feature (although not directly related to your post) means that we could do the 301 redirects for unsecured to secured or from yoursite.com to www.yoursite.com - no?

By fun-e @ Wednesday, July 25, 2007 1:33 PM

Thanks.
Finally i knew how to used the request filter module :D.

By Mitchel Sellers @ Wednesday, July 25, 2007 6:47 PM

Vitaly,

I am not 100% sure on that one....I would have to look through the parameters that are available.

By Vitaly Kozadayev @ Wednesday, July 25, 2007 9:41 PM

Here are my findings:

1. Because these filters are set up at the host level, it makes it much harder to customize it. We could use HTTPS variable that returns OFF or ON depending on whether request is for the secured or not-secured page. But how would you determine which domain name to use?

2. SERVER_NAME can be used to determine if request is using www.yoursite.com or just yoursite.com but you can't reditect to a specific page that was requested - in other words, you can't just say - redirect to the same but with www.

I can still see some uses for this as 301 redirect but it would be a bit strange one...

By Mitchel Sellers @ Thursday, July 26, 2007 3:55 AM

That is some good information. At least DNN 4.5.4 has the support for SSL which is good.

As for the 301 Redirects to always have the www. it looks like we will still have to keep doing what we are doing now. My method with the 3rd party URL rewriter seems to be working ok.

By Exiton @ Saturday, July 28, 2007 3:56 PM

4 Vitaly Kozadayev: For "www" 301 redirect you can use this: http://seablick.com/blog/tabid/53/articletype/articleview/articleid/44/default.aspx

By Stuart @ Tuesday, September 11, 2007 4:49 AM

Can you use this to redirect someone based off an IP address range? Say 10.10.x.x goes to www.whatever.com/admin/security/windowslogin.aspx

While all other IP addresses outside of the range go to www.whatever.com?

See what I am getting at here ;)

Stuart

By IowaComputerGurus Host @ Tuesday, September 11, 2007 5:42 AM

Yes you should be able to do that, use a regex match to redirect the successful ones, then have the default be for the non matching ones.

By Stuart @ Wednesday, September 12, 2007 6:42 AM

Alright so here is what I have so far. I have a site www.whatever.com, when someone accesses the site, based on their IP address I either want them to continue on to the homepage of the site, www.whatever.com/default.aspx or I want them to be redirected to www.whatever.com/admin/security/windowssignin.aspx.

I have the regular expression setup to check the IP address range and it is working. Unfortunately, I am not sure how to setup the redirect properly. My current setup has the site in an infinite loop...

I have tried, Permant Redirect to www.whatever.com/admin/security/windowssignin.aspx

I have tried PermanRedirect to /admin/security/windowssignin.aspx

I have tried redirect to /admin/security/windowssign.aspx

Any thoughts?

Thank You,
Stuart

By Mitchel Sellers @ Wednesday, September 12, 2007 3:19 PM

Ahh yes....that could be a problem, because you really only want that redirect to be conditional for the first request...

I will have to look at this one a bit more.

By Stuart @ Wednesday, September 12, 2007 5:35 PM

Thanks Mitchell,

I haven't really found much on how to use this feature except on your blog.

If this doesn't work I am wondering how I will achieve this, short of an ISAPI filter.

Stuart

By Mitchel Sellers @ Wednesday, September 12, 2007 6:19 PM

Stuart,

I think I know how you can do this, send me an e-mail and I'll try to drive you in the right direction.

By Terp @ Friday, September 14, 2007 5:53 PM

Very nice, Mitchel! Newbies like myself love step-by-step instruction...best example of how to use this I have found (I just wasted an hour in the DNN forums searching for block IP, et al). :)

If we were to use wildcards, would it look like this (using the same IP inthe example):

13\.12\.*\.* ? Given the warnings, I thought I would ask before I mess something up! :)

By Mitchel Sellers @ Sunday, September 16, 2007 7:15 PM

If you are looking for a match on 13.12. anything you could do the following I believe

13\.12\.*

And that would be all that is needed

By Pepper @ Tuesday, December 11, 2007 5:57 PM

Mitchell, I'm trying to accomplish the same thing Stuart was doing - external users not presented with logon box, internal users logged on with active directory automagically. I can get one or the other but not both.

This method sounds interesting but I'm not sure I fully can wrap my brain around it. My DNN is 4.7. Can you help?

By Mitchel Sellers @ Tuesday, December 11, 2007 6:07 PM

Pepper,

Send me an e-mail with what you have done currently and what you are looking to do and I can see what I can do to point you in the right direction.

Click here to post a comment