1

I have used the code on web.config to enforce Dynamic IP Restrictions to deny concurrent requests like 10 within 10 seconds and concurrent request at same time like 5 requests.

<security>
  <dynamicIpSecurity denyAction="Unauthorized">
  <denyByRequestRate enabled="true" maxRequest="10" RequestIntervalInMillisecond="10000"/>
  <denyByConcurrentRequests enabled="true" maxConcurrentRequests="5"/>
  </dynamicIpSecurity>
</security>

The application is .net 4.7 framework and it is an MVC application. When I publish the same on Azure Web App, it does not work.

When I try to send a request like 35 on Fiddler with same Azure URL, all the requests are been responded with 200 OK status.

I have tried the web.config code

<security>
  <dynamicIpSecurity denyAction="Unauthorized">
    <denyByRequestRate enabled="true" maxRequest="10" RequestIntervalInMillisecond="10000"/>
    <denyByConcurrentRequests enabled="true" maxConcurrentRequests="5"/>
  </dynamicIpSecurity>
</security>

<security>
  <dynamicIpSecurity denyAction="Unauthorized">
    <denyByRequestRate enabled="true" maxRequest="10" RequestIntervalInMillisecond="10000"/>
    <denyByConcurrentRequests enabled="true" maxConcurrentRequests="5"/>
  </dynamicIpSecurity>
</security>
Mohit Verma
  • 5,140
  • 2
  • 12
  • 27
Converge Solution
  • 11
  • 1

1 Answers1

-1

Can you try below tag and see if it works. try requestedIntervalInMilliseconds instead of RequestIntervalInMillisecond.

<security>
  <dynamicIpSecurity denyAction="Unauthorized">
    <denyByRequestRate enabled="true" maxRequest="10" requestedIntervalInMilliseconds="10000"/>
    <denyByConcurrentRequests enabled="true" maxConcurrentRequests="5"/>
  </dynamicIpSecurity>
</security>
Mohit Verma
  • 5,140
  • 2
  • 12
  • 27