防止 HealthMonitoring 错误电子邮件发送危险的 Request.Path
我目前正在为一个面向公众的网站实施健康监测。我正在使用 SimpleMailWebEventProvider 在发生错误时发送电子邮件。 “所有错误”。
我希望有这方面经验的人能够向我展示一种简单的方法来防止在以下情况下发送电子邮件 “从客户端检测到潜在危险的 Request.Path 值 (:)” 我可以看到这些错误,并可以通过它们的时间(同时)和所请求的 URL 判断它们来自机器人而不是人类
示例:
请求路径: /Scripts/,data:c,complete:function(a,b,c){c=a.responseText,a.isResolved()&&(a.done(function(a){c=a}), i.html(g
我喜欢 .Net 在这些情况下抛出错误,但这些电子邮件可能占我收到的所有健康监控电子邮件的 90%。通读所有这些电子邮件以找到指示错误的电子邮件网站的代码问题很麻烦。
我想避免创建自己的 MailEventProvider,尽管我过去曾经这样做过,但我相信我最终不得不使用 ILSpy 来创建自己的 MailEventProvider,因为 SimpleMailWebEventProvider 已被密封。
I currently have healthmonitoring implemented for a public facing website. I am using the SimpleMailWebEventProvider to send emails out when errors happen. "All Errors".
I am hoping someone who has experience with this will be able to show me an easy way to prevent emails from being sent in the case of
"A potentially dangerous Request.Path value was detected from the client (:)" I can see these errors and can tell they are coming from a bot and not a human, by their timing (all at once) and by the url being requested
example:
Request path: /Scripts/,data:c,complete:function(a,b,c){c=a.responseText,a.isResolved()&&(a.done(function(a){c=a}),i.html(g
I like the fact that .Net is throwing an error in these cases but these emails account for probably 90% of all healthmonitoring emails I get. Reading through all of them to locate error emails that indicate a code problem with the website is a hassle.
I would like to avoid creating my own MailEventProvider, although I have in the past but I believe I ended up having to use ILSpy to create my own since SimpleMailWebEventProvider is Sealed.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
为了过滤机器人引起的异常,我通常在 Global.asax 的 Application_Error 处理程序中调用 Server.ClearError() ,这可以防止运行状况监控处理未处理的异常。但是,如果您将运行状况监控与事件日志结合使用,这也将防止事件日志中出现错误。
在实际的应用程序中,我认为使用一些附加条件来确保错误来自机器人是有意义的,例如考虑 IP 地址、url 等。
To filter exceptions caused by robots, I usually call Server.ClearError() in Application_Error handler in Global.asax, this prevents health monitoring from processing unhandled exceptions. However, if you use health monitoring with event log, this will also prevent errors from appearing in event log.
In real app, I think it makes sense to use some additional conditions to ensure that error comes from robot, like taking into account IP address, url, etc.