ASP.NET MVC에서 요청 조절을 구현하는 가장 좋은 방법은 무엇입니까?
우리는 주어진 기간 동안 사용자 행동을 조절하는 다양한 방법을 실험하고 있습니다 .
- 질문 / 답변 게시물 제한
- 편집 제한
- 피드 검색 제한
당분간은 캐시를 사용하여 단순히 사용자 활동 레코드를 삽입하고 있습니다. 사용자가 동일한 활동을 수행하는 경우 해당 레코드가 존재하는 경우 스로틀합니다.
캐시를 사용하면 자동으로 오래된 데이터 정리 및 사용자 슬라이딩 활동 창이 제공되지만 어떻게 확장되는지 문제가 될 수 있습니다.
요청 / 사용자 작업을 효과적으로 조절할 수있는 다른 방법은 무엇입니까 (안정성 강조)?
지난해 Stack Overflow에서 사용한 일반적인 버전은 다음과 같습니다.
/// <summary>
/// Decorates any MVC route that needs to have client requests limited by time.
/// </summary>
/// <remarks>
/// Uses the current System.Web.Caching.Cache to store each client request to the decorated route.
/// </remarks>
[AttributeUsage(AttributeTargets.Method, AllowMultiple = false)]
public class ThrottleAttribute : ActionFilterAttribute
{
/// <summary>
/// A unique name for this Throttle.
/// </summary>
/// <remarks>
/// We'll be inserting a Cache record based on this name and client IP, e.g. "Name-192.168.0.1"
/// </remarks>
public string Name { get; set; }
/// <summary>
/// The number of seconds clients must wait before executing this decorated route again.
/// </summary>
public int Seconds { get; set; }
/// <summary>
/// A text message that will be sent to the client upon throttling. You can include the token {n} to
/// show this.Seconds in the message, e.g. "Wait {n} seconds before trying again".
/// </summary>
public string Message { get; set; }
public override void OnActionExecuting(ActionExecutingContext c)
{
var key = string.Concat(Name, "-", c.HttpContext.Request.UserHostAddress);
var allowExecute = false;
if (HttpRuntime.Cache[key] == null)
{
HttpRuntime.Cache.Add(key,
true, // is this the smallest data we can have?
null, // no dependencies
DateTime.Now.AddSeconds(Seconds), // absolute expiration
Cache.NoSlidingExpiration,
CacheItemPriority.Low,
null); // no callback
allowExecute = true;
}
if (!allowExecute)
{
if (String.IsNullOrEmpty(Message))
Message = "You may only perform this action every {n} seconds.";
c.Result = new ContentResult { Content = Message.Replace("{n}", Seconds.ToString()) };
// see 409 - http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
c.HttpContext.Response.StatusCode = (int)HttpStatusCode.Conflict;
}
}
}
샘플 사용법 :
[Throttle(Name="TestThrottle", Message = "You must wait {n} seconds before accessing this url again.", Seconds = 5)]
public ActionResult TestThrottle()
{
return Content("TestThrottle executed");
}
The ASP.NET Cache works like a champ here - by using it, you get automatic clean-up of your throttle entries. And with our growing traffic, we're not seeing that this is an issue on the server.
Feel free to give feedback on this method; when we make Stack Overflow better, you get your Ewok fix even faster :)
Microsoft has a new extension for IIS 7 called Dynamic IP Restrictions Extension for IIS 7.0 - Beta.
"The Dynamic IP Restrictions for IIS 7.0 is a module that provides protection against denial of service and brute force attacks on web server and web sites. Such protection is provided by temporarily blocking IP addresses of the HTTP clients who make unusually high number of concurrent requests or who make large number of requests over small period of time." http://learn.iis.net/page.aspx/548/using-dynamic-ip-restrictions/
Example:
If you set the criteria to block after X requests in Y milliseconds or X concurrent connections in Y milliseconds the IP address will be blocked for Y milliseconds then requests will be permitted again.
We use the technique borrowed from this URL http://www.codeproject.com/KB/aspnet/10ASPNetPerformance.aspx, not for throttling, but for a poor man's Denial Of Service (D.O.S). This is also cache-based, and may be similar to what you are doing. Are you throttling to prevent D.O.S. attacks? Routers can certainly be used to reduce D.O.S; do you think a router could handle the throttling you need?
참고URL : https://stackoverflow.com/questions/33969/best-way-to-implement-request-throttling-in-asp-net-mvc
'IT story' 카테고리의 다른 글
| 새로운 PostgreSQL JSON 데이터 유형의 필드를 사용하여 쿼리하려면 어떻게합니까? (0) | 2020.05.05 |
|---|---|
| 파이썬에서 멀티 프로세싱을 사용하는 동안 어떻게 로그인해야합니까? (0) | 2020.05.05 |
| 속성 탐색기처럼 작동하는 GUI 기반 또는 웹 기반 JSON 편집기 (0) | 2020.05.05 |
| 부모 구성 요소의 CSS 파일에서 자식 구성 요소의 스타일을 지정하는 방법은 무엇입니까? (0) | 2020.05.05 |
| href 표현은 무엇입니까 (0) | 2020.05.05 |