ASP.NET – Block IP Addresses from Your Site
Recently, one of my readers asked me how to block certain IP addresses from accessing his ASP.NET website.
It was a good question that could be answered in multiple correct ways.
My answer was a plug ‘n play HttpModule that could be reused in any ASP.NET application.
When an IP address is blocked it stops the response and sends a “403 Forbidden” header.
Even though it’s almost impossible to block someone from accessing your website, this is a simple way to make it much harder to do.
For the regular web users this is probably enough to keep them out.
Download the IpBlockingModule.cs below and add it to the App_Code folder. Then add the following line to the <system.web> section of the web.config.
<add type="IpBlockingModule" name="IpBlockingModule"/>
Then add the IP addresses you want to block, separated by commas, to the appSettings in web.config.
<add key="blockip" value="126.96.36.199, 188.8.131.52" />
Mads Kristensen currently works as a Senior Developer at Traceworks located
in Copenhagen, Denmark. Mads graduated from Copenhagen Technical Academy with a multimedia degree in
2003, but has been a professional developer since 2000. His main focus is on ASP.NET but is responsible for Winforms, Windows- and
web services in his daily work as well. A true .NET developer with great passion for the simple solution.