{"id":27187,"date":"2023-06-16T16:27:23","date_gmt":"2023-06-16T12:57:23","guid":{"rendered":"https:\/\/nabfollower.com\/blog\/how-to-secure-public-apis-in-aspnet-core-h6a\/"},"modified":"2023-06-16T16:27:23","modified_gmt":"2023-06-16T12:57:23","slug":"how-to-secure-public-apis-in-aspnet-core-h6a","status":"publish","type":"post","link":"https:\/\/nabfollower.com\/blog\/how-to-secure-public-apis-in-aspnet-core-h6a\/","title":{"rendered":"How to secure public APIs in ASP.NET Core?"},"content":{"rendered":"<div data-article-id=\"1506610\" id=\"article-body\">\n<p>ASP.NET Core is a popular framework. Its key benefits include features such as cross-platform execution, high performance, built-in dependency injection, and a modular HTTP request pipeline.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%DA%86%D8%A7%D9%84%D8%B4_%D9%87%D8%A7\"><\/span>\n<p>  Challenges<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>ASP.NET Core supports many authentication providers to secure applications through numerous authentication workflows. However, in many scenarios we have to provide a web application or site that relies on an unauthenticated API with anonymous access.<\/p>\n<p>For example, we have a list of products in the database and want to display these products on a web page. 
We can write an API that returns the list of products, and the front end (the website) can fetch this list through the API and display it on our public products page.<\/p>\n<p>Without a security layer, such architectures can be a security vulnerability left open to exploitation.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%DA%A9%D9%86%D8%AA%D8%B1%D9%84_%D9%87%D8%A7%DB%8C_%D8%A7%D9%85%D9%86%DB%8C%D8%AA%DB%8C_%D9%85%D9%88%D8%AC%D9%88%D8%AF_%D8%AF%D8%B1_ASPNET\"><\/span>\n<p>  Security controls available in ASP.NET<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>ASP.NET Core provides solutions for common vulnerabilities, including:<\/p>\n<ul>\n<li>Cross-site scripting<\/li>\n<li>SQL injection<\/li>\n<li>Cross-site request forgery (CSRF)<\/li>\n<li>Open redirects<\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"%DB%8C%DA%A9_%D9%82%D8%AF%D9%85_%D8%AC%D9%84%D9%88%D8%AA%D8%B1_%D8%B1%D9%81%D8%AA%D9%86\"><\/span>\n<p>  Going one step further<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>As developers, we must also protect our applications against other common attack vectors:<\/p>\n<ul>\n<li>Distributed denial of service (DDoS)<\/li>\n<li>Denial of service (DoS)<\/li>\n<li>Bulk data egress<\/li>\n<li>Probe response<\/li>\n<li>Scraping<\/li>\n<\/ul>\n<p>Two steps we can take are validating the referrer header and rate limiting, both discussed in detail below.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%D8%A7%D8%B2_%D9%81%DB%8C%D9%84%D8%AA%D8%B1_%D8%A7%D9%82%D8%AF%D8%A7%D9%85_%D9%85%D8%AD%D8%AF%D9%88%D8%AF%DB%8C%D8%AA_%D8%AF%D8%B1%D8%AE%D9%88%D8%A7%D8%B3%D8%AA_%D9%85%D8%A8%D8%AA%D9%86%DB%8C_%D8%A8%D8%B1_IP_%D8%A7%D8%B3%D8%AA%D9%81%D8%A7%D8%AF%D9%87_%DA%A9%D9%86%DB%8C%D8%AF\"><\/span>\n<p>  Use an IP-based request limit action filter<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>We can limit clients to a set number of requests within a specified time period to prevent malicious bot attacks. 
We have created an IP-based request limit action filter in ASP.NET Core. Keep in mind that multiple clients can sit behind a single IP address, so you can account for this in your limits, or combine the IP address with other request data to make requests more unique.<\/p>\n<p>To try the filter, you just need to add an ActionAttribute above the controller action.<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight plaintext\"><code>[HttpGet()]\n[ValidateReferrer]\n[RequestLimit(\"Test-Action\", NoOfRequest = 3, Seconds = 10)]\npublic async Task&lt;ActionResult&gt; GetAsync(CancellationToken ct)\n{\n    \/\/ code here\n}\n\n<\/code><\/pre>\n<\/div>\n<p>Here is the filter implementation:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight plaintext\"><code>namespace Security.Api.Filters\n{\n    using System;\n    using System.Net;\n    using Microsoft.AspNetCore.Mvc;\n    using Microsoft.AspNetCore.Mvc.Filters;\n    using Microsoft.Extensions.Caching.Memory;\n\n    [AttributeUsage(AttributeTargets.Method)]\n    public class RequestLimitAttribute : ActionFilterAttribute\n    {\n        public RequestLimitAttribute(string name)\n        {\n            Name = name;\n        }\n\n        \/\/ Prefix of the cache key, so each action gets its own counter.\n        public string Name { get; }\n\n        \/\/ Requests allowed per client IP within the window.\n        public int NoOfRequest { get; set; } = 1;\n\n        \/\/ Length of the window in seconds.\n        public int Seconds { get; set; } = 1;\n\n        private static MemoryCache memoryCache { get; } = new MemoryCache(new MemoryCacheOptions());\n\n        public override void OnActionExecuting(ActionExecutingContext context)\n        {\n            var ipAddress = context.HttpContext.Request.HttpContext.Connection.RemoteIpAddress;\n            var memoryCacheKey = $\"{Name}-{ipAddress}\";\n            memoryCache.TryGetValue(memoryCacheKey, out int prevReqCount);\n            if (prevReqCount &gt;= NoOfRequest)\n            {\n                context.Result = new ContentResult\n                {\n                    Content = $\"Request limit is exceeded. Try again in {Seconds} seconds.\",\n                };\n                context.HttpContext.Response.StatusCode = (int)HttpStatusCode.TooManyRequests;\n            }\n            else\n            {\n                \/\/ Each counted request restarts the expiry window.\n                var cacheEntryOptions = new MemoryCacheEntryOptions().SetAbsoluteExpiration(TimeSpan.FromSeconds(Seconds));\n                memoryCache.Set(memoryCacheKey, (prevReqCount + 1), cacheEntryOptions);\n            }\n        }\n    }\n}\n\n<\/code><\/pre>\n<\/div>\n<h2><span class=\"ez-toc-section\" id=\"%D9%81%DB%8C%D9%84%D8%AA%D8%B1_%D8%A7%D9%82%D8%AF%D8%A7%D9%85_%D8%A8%D8%B1%D8%B1%D8%B3%DB%8C_%D8%A7%D8%B1%D8%AC%D8%A7%D8%B9_%D8%B1%D8%A7_%D8%A7%D8%B6%D8%A7%D9%81%D9%87_%DA%A9%D9%86%DB%8C%D8%AF\"><\/span>\n<p>  Add a referrer check action filter<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>To protect the API against abuse and to provide additional protection against cross-site request forgery (CSRF) attacks, security checks are performed on the request referrer header for every REST API request sent to the server.<\/p>\n<p>The API verifies where the request came from. We have created a Referrer Check Action Filter in ASP.NET Core. 
It prevents access from tools such as Postman, REST clients, and so on. Because a non-browser client can send any Referer value it likes, treat this check as a deterrent rather than as authentication.<\/p>\n<p>You just need to add an ActionAttribute above the controller action.<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight plaintext\"><code>[HttpGet()]\n[ValidateReferrer]\npublic async Task&lt;ActionResult&gt; GetAsync(CancellationToken ct)\n{\n    \/\/ your code here\n}\n\n<\/code><\/pre>\n<\/div>\n<p>Here is the implementation of the filter:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight plaintext\"><code>namespace Security.Api.Filters\n{\n    using Microsoft.AspNetCore.Http;\n    using Microsoft.AspNetCore.Mvc;\n    using Microsoft.AspNetCore.Mvc.Filters;\n    using Microsoft.Extensions.Configuration;\n    using System;\n    using System.Collections.Generic;\n    using System.Linq;\n    using System.Net;\n\n    [AttributeUsage(AttributeTargets.Method)]\n    public sealed class ValidateReferrerAttribute : ActionFilterAttribute\n    {\n        private IConfiguration _configuration;\n\n        public ValidateReferrerAttribute() { }\n\n        public override void OnActionExecuting(ActionExecutingContext context)\n        {\n            _configuration = (IConfiguration)context.HttpContext.RequestServices.GetService(typeof(IConfiguration));\n            base.OnActionExecuting(context);\n            if (!IsValidRequest(context.HttpContext.Request))\n            {\n                context.Result = new ContentResult\n                {\n                    Content = \"Invalid header\"\n                };\n                context.HttpContext.Response.StatusCode = (int)HttpStatusCode.ExpectationFailed;\n            }\n        }\n\n        private bool IsValidRequest(HttpRequest request)\n        {\n            string referrerURL = \"\";\n            if (request.Headers.ContainsKey(\"Referer\"))\n            {\n                referrerURL = request.Headers[\"Referer\"];\n            }\n            \/\/ Reject a missing or malformed Referer instead of throwing on it.\n            if (string.IsNullOrWhiteSpace(referrerURL)) return false;\n            if (!Uri.TryCreate(referrerURL, UriKind.Absolute, out Uri referrerUri)) return false;\n            \/\/ Allowed client origins from the \"CorsOrigin\" configuration section.\n            var urls = _configuration.GetSection(\"CorsOrigin\").Get&lt;string[]&gt;()?.Select(url =&gt; new Uri(url).Authority).ToList()\n                ?? new List&lt;string&gt;();\n            \/\/ Add the current host for Swagger calls.\n            var host = request.Host.Value;\n            urls.Add(host);\n            \/\/ Compare the Referer authority (host and port) with the allowed list.\n            bool isValidClient = urls.Contains(referrerUri.Authority, StringComparer.OrdinalIgnoreCase);\n            return isValidClient;\n        }\n    }\n}\n\n<\/code><\/pre>\n<\/div>\n<h2><span class=\"ez-toc-section\" id=\"%D9%85%DB%8C%D8%A7%D9%86_%D8%A7%D9%81%D8%B2%D8%A7%D8%B1_DoSattack_%D8%B1%D8%A7_%D8%A7%D8%B6%D8%A7%D9%81%D9%87_%DA%A9%D9%86%DB%8C%D8%AF\"><\/span>\n<p>  Add DoS attack middleware<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>DoS attacks hit your APIs and make them unavailable and/or, if you have configured autoscaling, expensive. There are various ways to prevent this problem through request throttling. 
Here is an option that uses middleware to limit the number of requests from particular client IP addresses.<\/p>\n<p>Below is the code for DosAttackMiddleware.cs:<\/p>\n<div class=\"highlight js-code-highlight\">\n<pre class=\"highlight plaintext\"><code>namespace Security.Api.Middlewares\n{\n    using Microsoft.AspNetCore.Http;\n    using System.Collections.Generic;\n    using System.Linq;\n    using System.Net;\n    using System.Threading.Tasks;\n    using System.Timers;\n\n    public sealed class DosAttackMiddleware\n    {\n        \/\/ Request counter per client IP, and the IPs that are currently banned.\n        private static IDictionary&lt;string, int&gt; _IpAdresses = new Dictionary&lt;string, int&gt;();\n        private static Stack&lt;string&gt; _Banned = new Stack&lt;string&gt;();\n        \/\/ Guards both collections: requests and timer callbacks run on different threads.\n        private static readonly object _Sync = new object();\n        private static Timer _Timer = CreateTimer();\n        private static Timer _BannedTimer = CreateBanningTimer();\n        private const int BANNED_REQUESTS = 10;\n        private const int REDUCTION_INTERVAL = 1000; \/\/ 1 second\n        private const int RELEASE_INTERVAL = 3 * 60 * 1000; \/\/ 3 minutes\n        private RequestDelegate _next;\n\n        public DosAttackMiddleware(RequestDelegate next)\n        {\n            _next = next;\n        }\n\n        public async Task InvokeAsync(HttpContext httpContext)\n        {\n            string ip = httpContext.Connection.RemoteIpAddress?.ToString() ?? \"unknown\";\n            bool banned;\n            lock (_Sync)\n            {\n                banned = _Banned.Contains(ip);\n                if (!banned) CheckIpAddress(ip);\n            }\n            if (banned)\n            {\n                \/\/ Stop here so a banned client never reaches the rest of the pipeline.\n                httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;\n                return;\n            }\n            await _next(httpContext);\n        }\n\n        \/\/ Caller must hold _Sync.\n        private static void CheckIpAddress(string ip)\n        {\n            if (!_IpAdresses.ContainsKey(ip))\n            {\n                _IpAdresses[ip] = 1;\n            }\n            else if (_IpAdresses[ip] == BANNED_REQUESTS)\n            {\n                _Banned.Push(ip);\n                _IpAdresses.Remove(ip);\n            }\n            else\n            {\n                _IpAdresses[ip]++;\n            }\n        }\n\n        \/\/ Every second, lower each counter by one so that only sustained bursts reach the limit.\n        private static Timer CreateTimer()\n        {\n            Timer timer = GetTimer(REDUCTION_INTERVAL);\n            timer.Elapsed += new ElapsedEventHandler(TimerElapsed);\n            return timer;\n        }\n\n        \/\/ Every three minutes, release one banned IP.\n        private static Timer CreateBanningTimer()\n        {\n            Timer timer = GetTimer(RELEASE_INTERVAL);\n            timer.Elapsed += delegate\n            {\n                lock (_Sync)\n                {\n                    if (_Banned.Any()) _Banned.Pop();\n                }\n            };\n            return timer;\n        }\n\n        private static Timer GetTimer(int interval)\n        {\n            Timer timer = new Timer();\n            timer.Interval = interval;\n            timer.Start();\n            return timer;\n        }\n\n        private static void TimerElapsed(object sender, ElapsedEventArgs e)\n        {\n            lock (_Sync)\n            {\n                foreach (string key in _IpAdresses.Keys.ToList())\n                {\n                    _IpAdresses[key]--;\n                    if (_IpAdresses[key] == 0) _IpAdresses.Remove(key);\n                }\n            }\n        }\n    }\n}\n\n<\/code><\/pre>\n<\/div>\n<h2><span class=\"ez-toc-section\" id=\"%D9%86%D8%AA%DB%8C%D8%AC%D9%87\"><\/span>\n<p>  Conclusion<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>An unauthenticated API is open to abuse. We must block explicit attack vectors by adding extra code. We hope this blog makes these restrictions easier to implement while making life harder for these attackers.<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>ASP.NET Core is a popular framework. 
Its key benefits include features such as cross-platform execution, high performance, built-in dependency injection, and a modular HTTP request pipeline. Challenges ASP.NET Core supports many authentication providers to secure applications through multiple authentication workflows. 
&hellip;<\/p>\n","protected":false},"author":2,"featured_media":27188,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","footnotes":""},"categories":[339],"tags":[],"class_list":["post-27187","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-dev"],"_links":{"self":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/posts\/27187","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/comments?post=27187"}],"version-history":[{"count":0,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/posts\/27187\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/media\/27188"}],"wp:attachment":[{"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/media?parent=27187"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/categories?post=27187"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nabfollower.com\/blog\/wp-json\/wp\/v2\/tags?post=27187"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}