使用IIS API禁用IP访问
2018-07-05 本文已影响7人
8e744d4a988c
这个类是基于 Microsoft.Web.Administration
写的一个简单封装:
PS: Microsoft.Web.Administration
可通过 Nuget
搜索安装。
public class IISAdministration
{
private readonly ServerManager serverManager;
public IISAdministration()
{
serverManager = new ServerManager();
}
public IEnumerable<WorkerProcess> GetWorkerProcesses()
{
return serverManager.WorkerProcesses;
}
public IEnumerable<string> GetSiteNames()
{
foreach (var item in GetWorkerProcesses())
{
yield return item.AppPoolName;
}
}
public ConfigurationElementCollection GetIpSecurityCollection(string site)
{
return GetConfigurationElementCollection("system.webServer/security/ipSecurity", site);
}
public ConfigurationElementCollection GetConfigurationElementCollection(string sectionName, string site = "")
{
var config = serverManager.GetApplicationHostConfiguration();
ConfigurationSection section;
if (string.IsNullOrWhiteSpace(site))
{
section = config.GetSection(sectionName);
}
else
{
section = config.GetSection(sectionName, site);
}
return section.GetCollection();
}
public void CreateElement(ConfigurationElementCollection section, ConfigurationElement element)
{
section.Add(element);
serverManager.CommitChanges();
}
public void RemoveElement(ConfigurationElementCollection section, ConfigurationElement element)
{
section.Remove(element);
serverManager.CommitChanges();
}
public bool HasBlocked(string siteName, string ip)
{
var ipSecurityCollection = this.GetIpSecurityCollection(siteName);
for (int i = 0; i < ipSecurityCollection.Count; i++)
{
var element = ipSecurityCollection[i];
if ((string)element["ipAddress"] == ip)
{
return true;
}
}
return false;
}
public void FreeIP(string siteName, string ip)
{
if (!HasBlocked(siteName, ip))
{
return;
}
var ipSecurityCollection = this.GetIpSecurityCollection(siteName);
for (int i = 0; i < ipSecurityCollection.Count; i++)
{
var element = ipSecurityCollection[i];
if ((string)element["ipAddress"] == ip)
{
this.RemoveElement(ipSecurityCollection, element);
break;
}
}
}
public void BlockIP(string siteName, string ip)
{
if (HasBlocked(siteName, ip))
{
return;
}
var ipSecurityCollection = this.GetIpSecurityCollection(siteName);
var element = ipSecurityCollection.CreateElement("add");
element["ipAddress"] = ip;
element["allowed"] = false;
ipSecurityCollection.Add(element);
serverManager.CommitChanges();
}
}
使用方法:
var iisAdministration = new IISAdministration();
iisAdministration.BlockIP("", "192.0.0.1");
注意:
-
BlockIP
第一个参数为站点名,如果空字符串,则直接添加到IIS
根路径下的IP屏蔽。 - 此方法会抛出异常,而且需要管理员权限才可执行。