/// <summary>
/// 添加站点限制IP
/// </summary>
/// <param name="sitename">站点名称</param>
/// <param name="xzip">限制IP</param>
/// <param name="type">是否授权还是限制 0为授权 1为限制</param>
/// <param name="mask">子网掩码 空 0 1 2</param>
/// <returns></returns>
public string AddAstrictIP(string sitename, string xzip, string cut,string mask)
{
string result = "";
//判断子网掩码是否为空
if (mask=="0")
{
mask = "255.0.0.0";
}
else if (mask == "1")
{
mask = "255.255.0.0";
}
else if (mask == "2")
{
mask = "255.255.255.0";
}
else
{
mask = "255.255.255.255";
}
try
{
//根据站点名称查询站点对应ID
string sitenum = getWebSiteNum(sitename); ;
//检索为IIS服务器的根目录条目
System.DirectoryServices.DirectoryEntry IIS = new System.DirectoryServices.DirectoryEntry(string.Format("IIS://localhost/w3svc/{0}/root", sitenum));//站点ID号
Type typ = IIS.Properties["IPSecurity"][0].GetType();// 得到IPSecurity属性
object IPSecurity = IIS.Properties["IPSecurity"][0];
IIS.RefreshCache();
bool bGrantByDefault = (bool)typ.InvokeMember("GrantByDefault", BindingFlags.DeclaredOnly | BindingFlags.Public | BindingFlags.NonPublic
| BindingFlags.Instance | BindingFlags.GetProperty, null, IPSecurity, null);
if (!bGrantByDefault)
{
// 必须设置 默认允许访问
typ.InvokeMember("GrantByDefault", BindingFlags.DeclaredOnly | BindingFlags.Public | BindingFlags.NonPublic | BindingFlags.Instance
| BindingFlags.SetProperty, null, IPSecurity, new object[] { true });
}
if (cut == "0")
{
//如果是IIS6
if (IISVersionMajor == "6")
{
// 检索IPGrant IPSecurity对象列表
Array origIPGrantList = (Array)typ.InvokeMember("IPGrant",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty, null, IPSecurity, null);

//修改
List<string> iplist = new List<string>();
foreach (string s in origIPGrantList)
{
iplist.Add(s);
}
iplist.Add(string.Format("{0},{1}", xzip, mask));
bool bGrantByDefaultx = (bool)typ.InvokeMember("GrantByDefault",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty,
null, IPSecurity, null);
if (bGrantByDefaultx)
{
typ.InvokeMember("GrantByDefault",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.SetProperty,
null, IPSecurity, new object[] { false });
}

object[] newIPDenyList = new object[iplist.Count];
int i = 0;
foreach (string s in iplist)
{
newIPDenyList[i] = s;
i++;
}
typ.InvokeMember("IPGrant",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.SetProperty,
null, IPSecurity, new object[] { newIPDenyList });

}
else
{
// 检索IPGrant IPSecurity对象列表
Array origIPGrantList = (Array)typ.InvokeMember("IPGrant",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty, null, IPSecurity, null);
List<string> iplist = new List<string>();
foreach (string s in origIPGrantList)
{
iplist.Add(s);
}
//先删除后添加
foreach (string s in origIPGrantList)
{
if (iplist.Contains(s))
{ iplist.Remove(s); }
}
iplist.Add(string.Format("{0},{1}", xzip,mask));
bool bGrantByDefaultx = (bool)typ.InvokeMember("GrantByDefault",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty,
null, IPSecurity, null);
if (bGrantByDefaultx)
{
typ.InvokeMember("GrantByDefault",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.SetProperty,
null, IPSecurity, new object[] { false });
}

object[] newIPDenyList = new object[iplist.Count];
int i = 0;
foreach (string s in iplist)
{
newIPDenyList[i] = s;
i++;
}
typ.InvokeMember("IPGrant",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.SetProperty,
null, IPSecurity, new object[] { newIPDenyList });
}
}
else
{
//如果是IIS6
if (IISVersionMajor == "6")
{
// 检索IPDeny IPSecurity对象列表
Array origIPDenyList = (Array)typ.InvokeMember("IPDeny",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty, null, IPSecurity, null);
//获取原来数据
int num = origIPDenyList.Length;
object[] newIPDenyList = new object[num + 1];
int i = 0;
foreach (string s in origIPDenyList)
{
newIPDenyList[i] = s;
i++;
}
newIPDenyList[i] = string.Format("{0},{1}", xzip,mask);
typ.InvokeMember("IPDeny",//限制
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.SetProperty, null, IPSecurity, new object[] { newIPDenyList });
}
else
{
//II7+
typ.InvokeMember("IPDeny",//限制
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.SetProperty, null, IPSecurity, new object[] { string.Format("{0},{1}", xzip,mask) });
}
}
IIS.Properties["IPSecurity"][0] = IPSecurity;
// 提交更改
IIS.CommitChanges();
IIS.RefreshCache();
result = "succeed";
}
catch (Exception e)
{
string er = e.Message;
if (e.Message.Contains("当文件已存在时"))
{
result = "针对此ip的限制已存在";
}
else
{
result = e.Message;
}
}
return result;

}

/// <summary>
/// 展示站点禁止ip列表
/// </summary>
/// <param name="sitename">站点名称</param>
/// <returns></returns>
public string AstrictIPList(string sitename)
{
string str = "";
try
{
//根据站点名称查询站点对应ID
string sitenum = getWebSiteNum(sitename); ;
string strr = string.Format("IIS://localhost/w3svc/{0}/root", sitenum);//站点ID号
//检索为IIS服务器的根目录条目
System.DirectoryServices.DirectoryEntry IIS = new System.DirectoryServices.DirectoryEntry(strr);
// 检索当前否认IPs的列表
// 得到IPSecurity属性
Type typ = IIS.Properties["IPSecurity"][0].GetType();
object IPSecurity = IIS.Properties["IPSecurity"][0];
// 检索IPDeny IPSecurity对象列表
Array origIPDenyList = (Array)typ.InvokeMember("IPDeny",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty, null, IPSecurity, null);
//显示被拒绝
foreach (string s in origIPDenyList)
{
//判断是一组ip还是单个ip
var m = s.Split(',');
if (m[1].Trim() != "255.255.255.255")
{
str += m[0] + "(" + m[1].Trim() + ")" + ";";
}
else
{
string ip = s.Substring(0, s.IndexOf(","));
str += ip + ";";
}
}
str = str.TrimEnd(';');//移除尾部匹配项
}
catch (Exception e)
{

}
return str;
}
/// <summary>
/// 展示站点授权ip列表
/// </summary>
/// <param name="sitename">站点名称</param>
/// <returns></returns>
public string GrantIPList(string sitename)
{
string str = "";
try
{
//根据站点名称查询站点对应ID
string sitenum = getWebSiteNum(sitename); ;
string strr = string.Format("IIS://localhost/w3svc/{0}/root", sitenum);//站点ID号
//检索为IIS服务器的根目录条目
System.DirectoryServices.DirectoryEntry IIS = new System.DirectoryServices.DirectoryEntry(strr);
// 检索当前否认IPs的列表
// 得到IPSecurity属性
Type typ = IIS.Properties["IPSecurity"][0].GetType();
object IPSecurity = IIS.Properties["IPSecurity"][0];
// 检索IPDeny IPSecurity对象列表
Array origIPDenyList = (Array)typ.InvokeMember("IPGrant",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty, null, IPSecurity, null);
//显示被拒绝
foreach (string s in origIPDenyList)
{
//判断是一组ip还是单个ip
var m = s.Split(',');
if (m[1].Trim() != "255.255.255.255")
{
str += m[0] + "(" + m[1].Trim() + ")"+";";
}
else
{
string ip = s.Substring(0, s.IndexOf(","));
str += ip + ";";
}
}
str = str.TrimEnd(';');
}
catch (Exception e)
{

}
return str;
}
/// <summary>
/// 删除限制IP
/// </summary>
/// <param name="sitename">站点名称</param>
/// <param name="xzip">限制ip</param>
/// <returns></returns>
public string DelAstrictIP(string sitename, string xzip)
{
//判断限制的IP中是否含有(),如果有则表示一组ip
if(xzip.Contains("("))
{
//替换字符串 清除空格 并移除最后一个字符串
xzip= xzip.Replace("(",",").Trim().TrimEnd(')');
}
else
{
xzip += ",255.255.255.255";
}
string result = "";
//如果是IIS6
if (IISVersionMajor == "6")
{
try
{
//根据站点名称查询站点对应ID
string sitenum = getWebSiteNum(sitename); ;
string strr = string.Format("IIS://localhost/w3svc/{0}/root", sitenum);//站点ID号
//检索为IIS服务器的根目录条目
System.DirectoryServices.DirectoryEntry IIS = new System.DirectoryServices.DirectoryEntry(strr);
// 检索当前否认IPs的列表
// 得到IPSecurity属性
Type typ = IIS.Properties["IPSecurity"][0].GetType();
object IPSecurity = IIS.Properties["IPSecurity"][0];
// 检索IPDeny IPSecurity对象列表
Array origIPDenyList = (Array)typ.InvokeMember("IPDeny",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty, null, IPSecurity, null);
//获取被拒绝的全部IP
List<object> newIpList = new List<object>();
foreach (string s in origIPDenyList)
{
//判断是否与选中的删除ip相等

if (s.Trim().Replace(" ", "")!= xzip.Trim())
{
newIpList.Add(s);
}

}
object[] ipList = newIpList.ToArray();
typ.InvokeMember("IPDeny",//限制
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.SetProperty, null, IPSecurity, new object[] { ipList });
IIS.Properties["IPSecurity"][0] = IPSecurity;
// 提交更改
IIS.CommitChanges();
IIS.RefreshCache();
result = "succeed";
}
catch (Exception ex)
{
result = ex.Message;
}
}
else
{
//IIS7删除
try
{
string strr = DelIP(sitename, xzip);
result = strr; //"IIS7及以上版本暂不支持助手删除限制IP操作,请在IIS中手动操作。";
}
catch (Exception ex)
{
return ex.Message;
}

}
return result;
}
/// <summary>
/// IIS7删除限制IP
/// </summary>
/// <param name="sitename">站点名称</param>
/// <param name="xzip">IP地址</param>
/// <returns></returns>
public string DelIP(string sitename, string xzip)
{
//分隔字符串
var ipandmask = xzip.Split(',');
//==
try
{
using (Microsoft.Web.Administration.ServerManager serverManager = new Microsoft.Web.Administration.ServerManager())
{
Microsoft.Web.Administration.Configuration config = serverManager.GetApplicationHostConfiguration();
Microsoft.Web.Administration.ConfigurationSection ipSecuritySection = config.GetSection("system.webServer/security/ipSecurity", sitename);
Microsoft.Web.Administration.ConfigurationElementCollection ipSecurityCollection = ipSecuritySection.GetCollection();
Microsoft.Web.Administration.ConfigurationElement addElement = FindElementx(ipSecurityCollection, "add", "ipAddress", ipandmask[0].Trim(), "subnetMask", ipandmask[1].Trim(), "domainName", @"");//IP地址 子网掩码 域名
if (addElement == null) throw new InvalidOperationException("未找到元素!");
ipSecurityCollection.Remove(addElement);
serverManager.CommitChanges();
}
return "succeed";
}
catch (Exception ex)
{
return ex.Message;
}
}
private static Microsoft.Web.Administration.ConfigurationElement FindElementx(Microsoft.Web.Administration.ConfigurationElementCollection collection, string elementTagName, params string[] keyValues)
{
foreach (Microsoft.Web.Administration.ConfigurationElement element in collection)
{
if (String.Equals(element.ElementTagName, elementTagName, StringComparison.OrdinalIgnoreCase))
{
bool matches = true;
for (int i = 0; i < keyValues.Length; i += 2)
{
object o = element.GetAttributeValue(keyValues[i]);
string value = null;
if (o != null)
{
value = o.ToString();
}
if (!String.Equals(value, keyValues[i + 1], StringComparison.OrdinalIgnoreCase))
{
matches = false;
break;
}
}
if (matches)
{
return element;
}
}
}
return null;
}
/// <summary>
/// 删除授权IP
/// </summary>
/// <param name="sitename">站点名称</param>
/// <param name="sqip">授权ip</param>
/// <returns></returns>
public string DelGrantIP(string sitename, string sqip)
{
//判断限制的IP中是否含有(),如果有则表示一组ip
if (sqip.Contains("("))
{
//替换字符串 清除空格 并移除最后一个字符串
sqip = sqip.Replace("(", ",").Trim().TrimEnd(')');
}
else
{
sqip += ",255.255.255.255";
}
string result = "";
//逻辑代码块
if (IISVersionMajor == "6")
{
try
{
//根据站点名称查询站点对应ID
string sitenum = getWebSiteNum(sitename); ;
string strr = string.Format("IIS://localhost/w3svc/{0}/root", sitenum);//站点ID号
//检索为IIS服务器的根目录条目
System.DirectoryServices.DirectoryEntry IIS = new System.DirectoryServices.DirectoryEntry(strr);
// 检索当前否认IPs的列表
// 得到IPSecurity属性
Type typ = IIS.Properties["IPSecurity"][0].GetType();
object IPSecurity = IIS.Properties["IPSecurity"][0];
// 检索IPDeny IPSecurity对象列表
Array origIPDenyList = (Array)typ.InvokeMember("IPGrant",
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.GetProperty, null, IPSecurity, null);
//获取被拒绝的全部IP
List<object> newIpList = new List<object>();
foreach (string s in origIPDenyList)
{
//判断是否与选中的删除ip相等

if (s.Trim().Replace(" ", "")!= sqip.Trim())

{
newIpList.Add(s);
}

}
object[] ipList = newIpList.ToArray();
//更新数据
typ.InvokeMember("IPGrant",//限制
BindingFlags.DeclaredOnly |
BindingFlags.Public | BindingFlags.NonPublic |
BindingFlags.Instance | BindingFlags.SetProperty, null, IPSecurity, new object[] { ipList });
IIS.Properties["IPSecurity"][0] = IPSecurity;
// 提交更改
IIS.CommitChanges();
IIS.RefreshCache();
result = "succeed";
}
catch (Exception ex)
{
result = ex.Message;
}
}
else
{

//IIS7删除
try
{
string strr = DelIP(sitename, sqip);
result = strr; //"IIS7及以上版本暂不支持助手删除限制IP操作,请在IIS中手动操作。";
}
catch (Exception ex)
{
return ex.Message;
}

}
return result;
}

为IIS站点添加限制IP的更多相关文章

  1. iis实现类似tomcat ip:port直接访问站点

    先配置host: 建站点: iis配置文件地址:C:\Windows\System32\inetsrv\config\applicationHost.config(于tomcat中的web.xml类似 ...

  2. C#给IIS添加禁止IP限制

    /// <summary> /// 给IIS添加禁止IP限制 /// 仅针对iis 7及以上版本 /// 首先需要引入Microsoft.Web.Administration.dll // ...

  3. 使用awstats分析iis站点的日志

    环境:win7 + iis7 + perl(ActivePerl-5.20.1.2000) + awstats 7.3 一.找到iis日志所在目录 建议全部都打勾 二.安装perl AWStats是p ...

  4. IIS 站点部署多级域名

    当站点的规模达到一定程度,往往会对业务进行拆分,部署到一台服务器的不同站点,,而一个域名(顶级域名)只能绑定一个站点(核心站点),这个时候就通过给顶级域名创建子域名的方式(理论上一个顶级域名可以绑定5 ...

  5. IIS站点/虚拟目录中访问共享目录(UNC)以及建立后的应用程序的信任级别问题

      UNC是 Universal Naming Convention 的简称,也叫通用命名规范.通用命名约定.网络(范指局域网)上资源的完整位置名称.格式为 \\servername\sharenam ...

  6. 在IIS站点中使用数字证书

    1. SSL解析(内容来自百度百科) SSL(Secure Sockets Layer 安全套接层),及其继任者传输层安全(Transport Layer Security,TLS)是为网络通信提供安 ...

  7. 【zabbix】Windows服务器获取IIS站点以及程序池状态

    在使用zabbix做Windows服务器监控的时候遇到一个比较棘手的问题,检测IIS站点状态. 普通情况下,只要用浏览器访问iis站点测试一下返回码是不是200即可判断状态,但是我这次遇到的是iis使 ...

  8. IIS设置禁止某个IP或IP段访问网站的方法

    网站被刷,对话接不过来 打开IIS,选中禁IP的站点,找到“ip地址和域限制”这个功能,如果没有安装,打开服务器管理器,点击角色,窗口右边找到添加角色服务,找到“IP和域限制”并勾选安装. 打开ip地 ...

  9. asp.net中 使用Nginx 配置 IIS站点负载均衡

    这是一偏初学者入门的内容,发现有问题的地方,欢迎留言,一起学习,一起进步 本文主要记录一下在Windows平台中,IIS站点如何使用Nginx 做一个简单的负载均衡  一. 准备工作: 官网下载安装包 ...

随机推荐

  1. ARP (地址解析协议)

    地址解析协议,即ARP(Address Resolution Protocol),是根据IP地址获取物理地址的一个TCP/IP协议.主机发送信息时将包含目标IP地址的ARP请求广播到网络上的所有主机, ...

  2. AppleDoc的安裝使用

    前言,還是那句話,新手按照濤叔下面畫黃色的步驟順序執行就好了,不要問為什麼. 一.安裝(注意,濤叔事先已經下載了appledoc) 1.找到下載的appledoc目錄 $ cd /Users/libo ...

  3. Spring(2) ------ 依赖注入

    spring框架为我们提供了三种注入方式,分别是set注入,构造方法注入,接口注入. 1.set注入: 采用属性的set方法进行初始化,就成为set注入. 1)给普通字符类型赋值. public cl ...

  4. 精通 CSS 选择器

    CSS 选择器除了样式表匹配元素时需要用到,在使用 jQuery 等库的时候也可以利用 CSS 选择器来选择元素,因此作为前端开发需要熟练掌握.下面是一些常用的 CSS 选择器示例. 元素选择器 E, ...

  5. ABAP 加密解密程序

    用于对字符串的加密和解密: DATA: o_encryptor TYPE REF TO cl_hard_wired_encryptor, o_cx_encrypt_error TYPE REF TO ...

  6. SharePoint 2013 表单认证使用ASP.Net配置工具添加用户

    前 言 上面一篇博客,我们了解到如何为SharePoint 2013配置表单身份认证,但是添加用户是一个麻烦事儿:其实,我们还可以用Asp.Net的配置工具,为SharePoint 2013添加表单用 ...

  7. 操作系统开发系列—13.a.进程 ●

    进程的切换及调度等内容是和保护模式的相关技术紧密相连的,这些代码量可能并不多,但却至关重要. 我们需要一个数据结构记录一个进程的状态,在进程要被挂起的时候,进程信息就被写入这个数据结构,等到进程重新启 ...

  8. [转]Android逆向之动态调试总结

    一.在SO中关键函数上下断点 刚学逆向调试时.大多都满足于在SO中某关键函数上下断点.然后通过操作应用程序,去触发这个断点,然后进行调试 详细的步骤可以参见非虫大大的<Android软件安全与逆 ...

  9. 出现( linker command failed with exit code 1)错误总结

    这种问题,通常出现在添加第三方库文件或者多人开发时. 这种问题一般是找不到文件而导致的链接错误. 我们可以从如下几个方面着手排查. 1.以如下错误为例,如果是多人开发,你同步完成后发现出现如下的错误. ...

  10. Android 手机卫士--签名文件说明&包名说明

    在<Android 手机卫士--打包生成apk维护到服务器>一文中,实现了新版本的apk到服务器,当打开客户端apk的时候,发现有新版本,提示更新.还实现了利用xutils工具实现了从服务 ...