Using DotNetNuke Request Filter

DotNetNuke introduced a request filter option starting with DotNetNuke 4.5.3 that can allow you to take action on a user based on various request parameters. In this article I will walk you through how to setup the request filter to filter out requests from a specific IP address and will discuss in general what the settings are. In this example we will be placing a filter to block all traffic from a user with an IP of 13.12.15.45 and we will redirect them to google.com.

Getting to the setting

First of all to access this setting you must login as host and go to "Host Settings". Then you will need to expand the "Advanced Settings" section and then finally expand the "Request Filter Settings"

To start out you will want to enable the request filter by checking the "Enable Request Filter?" checkbox, you can then proceed to the next section where we will actually configure the rule.

Configuring the New Rule

Below we will walk though creating the filter for our specific scenario listed above and we will also discuss the possible other values for each property as we progress.

Click on "Add New Rule" to get to the add page
Enter "REMOTE_ADDR" for the "Server Variable" value. This can be any of the publicly visible server variables that are exposed via the request object.
Select "Regex" from the operation drop down as this will allow for more robust matching. (Note: other values include equals and not equals for direct matching)
Enter "13\.12\.15\.45" for the match value. Since this is a Regex value we must excape the .'s with \ characters. You can user a wildcard character if needed to expand the filter rather than this direct match
Leave the "Action" as "Redirect", this will redirect the user via a temporary redirect. You may also choose to show "Not Found" or to do a "Permanent Redirect" to do a 301 redirect
Enter "http://www.google.com" into the location, this is the desired location to send the user
Click on "Add New Rule" to complete the process

This has completed the setup for the rule so any user that visits the website with a remote address of 13.12.15.45 will be directed to google.com instead of the homepage and they will never see any page content.

Warnings!

As you can see from the screen captures above DotNetNuke reminds you that it is VERY important to NOT mess up these values when you are inputting them because if you do you could potentially bring down your site. I cannot stress the importance of this! The good news is that rules are stored in the DotNetNuke.config file and can be changed easily.

Used correctly this feature can be used to help ban heavy spammers and other users that cause problems on your websites. Please feel free to share your comments below.

Posted by Mitchel on Monday, July 23, 2007

Tags: DotNetNuke, Tutorials

Comments

Great article Mitchel!!

By Ed DeGagne on Tuesday, July 24, 2007 at 6:09 AM

This new feature (although not directly related to your post) means that we could do the 301 redirects for unsecured to secured or from yoursite.com to www.yoursite.com - no?

By Vitaly Kozadayev on Wednesday, July 25, 2007 at 4:28 AM

Thanks.
Finally i knew how to used the request filter module :D.

By fun-e on Wednesday, July 25, 2007 at 1:33 PM

Vitaly,

I am not 100% sure on that one....I would have to look through the parameters that are available.

By mitchel.sellers@gmail.com on Wednesday, July 25, 2007 at 6:47 PM

Here are my findings:

1. Because these filters are set up at the host level, it makes it much harder to customize it. We could use HTTPS variable that returns OFF or ON depending on whether request is for the secured or not-secured page. But how would you determine which domain name to use?

2. SERVER_NAME can be used to determine if request is using www.yoursite.com or just yoursite.com but you can't reditect to a specific page that was requested - in other words, you can't just say - redirect to the same but with www.

I can still see some uses for this as 301 redirect but it would be a bit strange one...

By vitkoz on Wednesday, July 25, 2007 at 9:41 PM

That is some good information. At least DNN 4.5.4 has the support for SSL which is good.

As for the 301 Redirects to always have the www. it looks like we will still have to keep doing what we are doing now. My method with the 3rd party URL rewriter seems to be working ok.

By mitchel.sellers@gmail.com on Thursday, July 26, 2007 at 3:55 AM

4 Vitaly Kozadayev: For "www" 301 redirect you can use this: http://seablick.com/blog/tabid/53/articletype/articleview/articleid/44/default.aspx

By Exiton on Saturday, July 28, 2007 at 3:56 PM

Can you use this to redirect someone based off an IP address range? Say 10.10.x.x goes to www.whatever.com/admin/security/windowslogin.aspx

While all other IP addresses outside of the range go to www.whatever.com?

See what I am getting at here ;)

Stuart

By Stuart on Tuesday, September 11, 2007 at 4:49 AM

Yes you should be able to do that, use a regex match to redirect the successful ones, then have the default be for the non matching ones.

By host on Tuesday, September 11, 2007 at 5:42 AM

Alright so here is what I have so far. I have a site www.whatever.com, when someone accesses the site, based on their IP address I either want them to continue on to the homepage of the site, www.whatever.com/default.aspx or I want them to be redirected to www.whatever.com/admin/security/windowssignin.aspx.

I have the regular expression setup to check the IP address range and it is working. Unfortunately, I am not sure how to setup the redirect properly. My current setup has the site in an infinite loop...

I have tried, Permant Redirect to www.whatever.com/admin/security/windowssignin.aspx

I have tried PermanRedirect to /admin/security/windowssignin.aspx

I have tried redirect to /admin/security/windowssign.aspx

Any thoughts?

Thank You,
Stuart

By Stuart on Wednesday, September 12, 2007 at 6:42 AM

Ahh yes....that could be a problem, because you really only want that redirect to be conditional for the first request...

I will have to look at this one a bit more.

By mitchel.sellers@gmail.com on Wednesday, September 12, 2007 at 3:19 PM

Thanks Mitchell,

I haven't really found much on how to use this feature except on your blog.

If this doesn't work I am wondering how I will achieve this, short of an ISAPI filter.

Stuart

By Stuart on Wednesday, September 12, 2007 at 5:35 PM

Stuart,

I think I know how you can do this, send me an e-mail and I'll try to drive you in the right direction.

By mitchel.sellers@gmail.com on Wednesday, September 12, 2007 at 6:19 PM

Very nice, Mitchel! Newbies like myself love step-by-step instruction...best example of how to use this I have found (I just wasted an hour in the DNN forums searching for block IP, et al). :)

If we were to use wildcards, would it look like this (using the same IP inthe example):

13\.12\.*\.* ? Given the warnings, I thought I would ask before I mess something up! :)

By Terp on Friday, September 14, 2007 at 5:53 PM

If you are looking for a match on 13.12. anything you could do the following I believe

13\.12\.*

And that would be all that is needed

By mitchel.sellers@gmail.com on Sunday, September 16, 2007 at 7:15 PM

Mitchell, I'm trying to accomplish the same thing Stuart was doing - external users not presented with logon box, internal users logged on with active directory automagically. I can get one or the other but not both.

This method sounds interesting but I'm not sure I fully can wrap my brain around it. My DNN is 4.7. Can you help?

By Pepper on Tuesday, December 11, 2007 at 5:57 PM

Pepper,

Send me an e-mail with what you have done currently and what you are looking to do and I can see what I can do to point you in the right direction.

By mitchel.sellers@gmail.com on Tuesday, December 11, 2007 at 6:07 PM

Hi Mitchell,

To make my web site SEO friendly I am using friendly names for the pages.
But when I include the page in DNN menu, It has been added with MyWebsite/TabId/<ID>/Default.aspx.
Is it possible to write a rule to redirect the request of particular tabid to it's friendly name.

Ex:
I have created new page for FAQ it's MyWebSite.com/TabId/123/Default.aspx. I have added a friendly Url as follows
LookFor: (.*)/Faq.aspx(.*)
SendTo: ~/Default.aspx?TabId=123$2

Now when any request made to TabId=123 (TabId/123) it should be redirect (301 redirect) to ~/Faq.aspx.

Is it possible to write such rule using Request Filter?

Thanks,
Mahesh

By Mahesh on Tuesday, July 29, 2008 at 2:03 AM

You would need to do that only via the friendly URL settings.

Personally, you might have a look at URL Master by Ifinity, it does a great job, and that type of URL is generated automatically!

By mitchel.sellers@gmail.com on Tuesday, July 29, 2008 at 3:54 AM

Comments from the following blog entry: Using DotNetNuke Request Filter, located at: http://www.dbalinks.com/SQLServerArticles/tabid/94/articleType/ArticleView/articleId/13/Using-DotNetNuke-Request-Filter.aspx

By SQL Server DBA Links and Articles on Tuesday, November 25, 2008 at 2:33 AM

Hello,

I am not sure that I have understood how to block an IP Range... Can someone detail it ?? Thanks,

Déclic Vidéo FX

By Declic Video on Saturday, November 29, 2008 at 10:14 PM

If you want to block a range, you have to supply a regex that will match the values that you are looking to block.

If you want to make a post to the forums, I can try to point you in the right direction. Also, on my business site I have a Regular Expression tester that will allow you to test out an expression before including it in your site.

By mitchel.sellers@gmail.com on Sunday, November 30, 2008 at 8:52 AM

I am not able to get block this perticular range of ip. I am able to block one perticular ip but i want to block this range of ip 58.2.0.0 58.2.255.255 Can anyone tell me how can do this. Thanks

By Mujahed Khan on Tuesday, April 21, 2009 at 4:53 AM

This sounds great. I am wondering if this affects just the portal or does it affect the entire installation? We have multiple portals on an installation and only want IP blocking on one of the portals.

By on Thursday, April 23, 2009 at 6:10 AM

The solution here is a DNN instance level filter, the rules are processed BEFORE any page processing is done.

By mitchel.sellers@gmail.com on Thursday, April 23, 2009 at 6:13 AM

Hi Guys,
Will the filter work for this problem I have and how do I set it:

Permanent Redirect Not Found

Search engines may think www.thetackleteam.com.au and thetackleteam.com.au are two different sites.You should set up a permanent redirect (technically called a "301 redirect") between these sites. Once you do that, you will get full search engine credit for your work on these sites.

For example, www.thetackleteam.com.au seems to have 85 inbound links whereas thetackleteam.com.au has 86 inbound links. By correctly configuring a permanent 301 redirect, the search rankings might improve as all inbound links are correctly counted for the website.

Any help would be appreciated.

Thanks,
Buck

By Paul Rogers on Friday, April 24, 2009 at 5:38 PM

Paul,

For something like that you will need to use either UrlMaster or UrlRewriting.net to do it in a safe/easy manner.

By mitchel.sellers@gmail.com on Saturday, April 25, 2009 at 7:26 AM

Hi,
How to Dnn validate the request? i.e What/where is code called when a request is made to a site where request filter setting is made?

By Rajkumar on Wednesday, July 29, 2009 at 7:59 PM

I am not 100% sure, but it is very early in the request process

By mitchel.sellers@gmail.com on Wednesday, July 29, 2009 at 8:28 PM

Hi,
I check this approach of blocking the IP address from accessing the website. An d works fine. I am still fighting with one more problem.
I have images folder and with some image in it. If i try to access the images directly from a blocked IP, Request filter is not working and allows me to access teh image. How to block the blocked Ip to access the folder and access images, Jscriptfiles,xml, etc..
Help needed.

By Rajkumar on Sunday, August 02, 2009 at 8:43 PM

Mitch,

Great article. Joe B pointed me here after I inquired about UserAgent filtering.

We plan to use the filters to ban specific UserAgents ( Abusive Bots) that degrade or cripple the site.

Here's a link to the Server Variable types that can be filtered on (for some creative options)

http://msdn.microsoft.com/en-us/library/ms524602.aspx

We'll let you know how it goes!

Again thanks for the clear and insightful post.

Brad

By Brad Schafer on Thursday, September 10, 2009 at 5:56 AM

Hello

I want to redirect http://alert-ims.com to http://www.alert-ims.com. Can it possible with
Request Filter Settings in DNN.

My Setting in Request Filter Settings in DNN.

------------------------------------------
Server Variable: SERVER_NAME
Operation: NotEqual
Match Value: ALERT-IMS.COM
Action: PermanentRedirect
Location: http://www.alert-ims.com

----------------------------------

Is these setting is correct to redirect - non www to www URL

By Laxmi on Monday, October 12, 2009 at 9:33 PM

Mitchel,

Can you also sent me the steps to take when wanting to block standard all visitors to my site and only give access to some visitors based on their ip-address?

And is it also possible that they just visit the main site and through a redirect with request filter they go based on their ip-address to their own portal site?

thx.
Piet

By Piet on Tuesday, January 12, 2010 at 3:05 AM

Piet,

Please post to the forums if you could.

By mitchel.sellers@gmail.com on Tuesday, January 12, 2010 at 4:41 AM

Click here to post a comment