Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/angular/26.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Vbscript IIS 10和自定义错误页执行两次_Vbscript_Asp Classic_Iis 10 - Fatal编程技术网

Vbscript IIS 10和自定义错误页执行两次

Vbscript IIS 10和自定义错误页执行两次,vbscript,asp-classic,iis-10,Vbscript,Asp Classic,Iis 10,为了应对臭名昭著的“xmlrpc.php”DOS攻击,我为404和500-100类型的错误编写了自定义错误ASP页面,并使大部分错误正常工作。但是,我发现页面被执行了两次,原因不明。它们既发送电子邮件,也收集客户端的IP,以便自动添加到Peerblock自定义IP阻止列表文本文件中。但是,由于双重执行,将发送两(2)封电子邮件,并将IP地址添加到Peerblock文本文件中两次。以下是404页面的代码段列表: ' Grab the current URL and peform a number

为了应对臭名昭著的“xmlrpc.php”DOS攻击,我为404和500-100类型的错误编写了自定义错误ASP页面,并使大部分错误正常工作。但是,我发现页面被执行了两次,原因不明。它们既发送电子邮件,也收集客户端的IP,以便自动添加到Peerblock自定义IP阻止列表文本文件中。但是,由于双重执行,将发送两(2)封电子邮件,并将IP地址添加到Peerblock文本文件中两次。以下是404页面的代码段列表:

' Grab the current URL and peform a number of tests (if we can--after the IIS server performs a redirection to a 404 handler, the URL is stripped of all parameters):
TheURL = Request.ServerVariables("SERVER_NAME") & Request.ServerVariables("SCRIPT_NAME")
If Request.ServerVariables("QUERY_STRING") <> "" Then
    TheURL = TheURL & "?" & Request.ServerVariables("QUERY_STRING")
End If

strServer = Request.ServerVariables("SERVER_NAME")
strUrl = Request.QueryString
strPage = Mid(strUrl, InStr(strUrl, strServer) + Len(strServer) + 1)
ClientIPAddress = Request.ServerVariables("LOCAL_ADDR")  
HTTPReferer = Request.ServerVariables("HTTP_REFERER")

If HTTPReferer = "" Then
    If InStr(1, ClientIPAddress, "10.1.252.250", 0) > 0 Then 
        HTTPReferer = "www.edenusa.com"
        WithinSite = True
    Else
        HTTPReferer = "UNKNOWN URL" 
        WithinSite = False
    End If
End If

' Grab the IP address of the client coming into site (used later in email and HTML text):
RemoteIPAddress = Request.ServerVariables("REMOTE_ADDR")

' Don't notify via email when the URL is the following (happens too often):
HTTPRefererStatus = InStr(HTTPReferer, "edenusa.com/") OR InStr(HTTPReferer, "www.edenusa.com/") OR InStr(HTTPReferer, "edenusa.com/favicon.ico") OR InStr(HTTPReferer, "edenusa.com/favicon.gif") OR InStr(HTTPReferer, "edenusa.com/robots.txt") OR InStr(HTTPReferer, "xmlrpc.php")
TheURLStatus = InStr(TheURL, "xmlrpc.php")

If HTTPRefererStatus > 0 Or TheURLStatus > 0 Then

    NoEmail = True ' Do not send an email in this case

    If TheURLStatus > 0 Then ' Write the IP address to our own local Peer Block list:
        ' The format of the file is as follows: #[name]:[IpRangeStart]-[IpRangeEnd]

        Dim objFS
        Dim objFile
        Dim IPBlockFileName: IPBlockFileName = "badiplist-edenusa.txt"

        Set objFS = Server.CreateObject ("Scripting.FileSystemObject")
        sIPBlockListPath = Server.Mappath ("/common/errorhandling/badiplists/" & IPBlockFileName)
        Set objFile = objFS.OpenTextFile (sIPBlockListPath, 8)

        ' Write the IP address out to the IP Block List file:
        objFile.WriteLine "#Test: " & RemoteIPAddress & "-" & RemoteIPAddress

        objFile.Close
        Set objFS = Nothing
        Set objFile = Nothing
    End If
End If


' Using Persits ASPEmail component, send an error report email to the support team.

sAlertBody = "At " & Now() & " a 404 error was encountered when a user attempted to visit the following link: " & HTTPReferer & vbCrLf
sAlertBody = sAlertBody & vbCrLf & vbCrLf
sAlertBody = sAlertBody & "The local IP address is: " & ClientIPAddress
sAlertBody = sAlertBody & vbCrLf & vbCrLf
sAlertBody = sAlertBody & "The remote IP address is: " & RemoteIPAddress
sAlertBody = sAlertBody & vbCrLf & vbCrLf
sAlertBody = sAlertBody & "The value of TheURL is: " & TheURL
sAlertBody = sAlertBody & vbCrLf & vbCrLf

'Send email for evaluation:
'Function IsSuccessfulEmail(sFromAddress, sSenderName, sRecipient, sReplyTo, sSubject, sBody, sCarbonCopyAddress, sFileAttachmentLocation)

If NoEmail = False Then

' Call the emailing function (contained in the /INCLUDEFILES/EMAILOPERATIONS/EMAILFUNCTIONS.ASP file):

    ' Call the AdministrativeAlertEmail() function:
    AlertEmailResult = AdministrativeAlertEmail(sAlertRecipient, sAlertSubject, sAlertBody, sAlertHost)

        If Debug_404ErrorPage = True Then
            Response.Write("LINE-178: This is the value of the AlertEmailResult variable: ") & AlertEmailResult & "<br>"
            Response.End
        End If

Else ' Do not send an email, and reset the variable back to TRUE:

    NoEmail = True

End If
”获取当前URL并进行大量测试(如果可以的话——在IIS服务器执行到404处理程序的重定向后,URL将删除所有参数):
URL=Request.ServerVariables(“服务器名称”)和Request.ServerVariables(“脚本名称”)
如果Request.ServerVariables(“查询字符串”),则
TheURL=TheURL&“?”和Request.ServerVariables(“查询字符串”)
如果结束
strServer=Request.ServerVariables(“服务器名称”)
strUrl=Request.QueryString
strPage=Mid(strUrl,InStr(strUrl,strServer)+Len(strServer)+1)
ClientIPAddress=Request.ServerVariables(“本地地址”)
HTTPReferer=Request.ServerVariables(“HTTP\u REFERER”)
如果HTTPReferer=“”,则
如果InStr(1,ClientIPAddress,“10.1.252.250”,0)>0,则
HTTPReferer=“www.edenusa.com”
WithinSite=True
其他的
HTTPReferer=“未知URL”
WithinSite=False
如果结束
如果结束
'获取进入站点的客户端的IP地址(稍后在电子邮件和HTML文本中使用):
RemoteIPAddress=Request.ServerVariables(“远程地址”)
'当URL为以下内容时,不要通过电子邮件通知(发生频率太高):
HTTPRefererStatus=InStr(HTTPReferer,“edenusa.com/”)或InStr(HTTPReferer,“www.edenusa.com/”)或InStr(HTTPReferer,“edenusa.com/favicon.ico”)或InStr(HTTPReferer,“edenusa.com/robots.txt”)或InStr(HTTPReferer,“xmlrpc.php”)
TheURLStatus=InStr(URL,“xmlrpc.php”)
如果HttpPreferStatus>0或URLStatus>0,则
NoEmail=True“在这种情况下,不要发送电子邮件
如果URLSTATUS>0,则“将IP地址写入我们自己的本地对等阻止列表:
'文件的格式如下:#[name]:[IpRangeStart]-[IpRangeEnd]
Dim objFS
Dim objFile
Dim IPBlockFileName:IPBlockFileName=“badiplist edenusa.txt”
设置objFS=Server.CreateObject(“Scripting.FileSystemObject”)
sIPBlockListPath=Server.Mappath(“/common/errorhandling/badiplists/”&IPBlockFileName)
设置objFile=objFS.OpenTextFile(sIPBlockListPath,8)
'将IP地址写入IP阻止列表文件:
objFile.WriteLine“#测试:&RemoteIPAddress&“-”&RemoteIPAddress
objFile.Close
设置objFS=Nothing
设置objFile=Nothing
如果结束
如果结束
'使用Persits ASPEmail组件,向支持团队发送错误报告电子邮件。
sAlertBody=“At”&Now()&“当用户试图访问以下链接时遇到404错误:”&HTTPReferer&vbCrLf
sAlertBody=sAlertBody&vbCrLf&vbCrLf
sAlertBody=sAlertBody&“本地IP地址为:”&ClientIPAddress
sAlertBody=sAlertBody&vbCrLf&vbCrLf
sAlertBody=sAlertBody&“远程IP地址为:”&远程IP地址
sAlertBody=sAlertBody&vbCrLf&vbCrLf
sAlertBody=sAlertBody&“URL的值为:”&TheURL
sAlertBody=sAlertBody&vbCrLf&vbCrLf
'发送电子邮件进行评估:
'函数IsSuccessfulEmail(sFromAddress、sUnderName、sRecipient、sReplyTo、sObject、sBody、sBonCopyAddress、sFileAttachmentLocation)
如果NoEmail=False,则
'调用电子邮件功能(包含在/INCLUDEFILES/EMAILOPERATIONS/EMAILFUNCTIONS.ASP文件中):
'调用AdministrativeAlertEmail()函数:
AlertEmailResult=AdministrativeAlertEmail(sAlertRecipient、sAlertSubject、sAlertBody、salerHost)
如果Debug_404ErrorPage=True,则
Response.Write(“第178行:这是AlertEmailResult变量的值:”)&AlertEmailResult&“
” 答复.完 如果结束 Else'不发送电子邮件,并将变量重置回TRUE: NoEmail=True 如果结束
IIS自定义错误页面工具允许通过“错误页面”机制定义自定义错误页面。可以编辑每种状态代码类型(例如500),以包含到您自己的自定义错误页面的相对路径。不幸的是,我发现我在500页中实例化的Server.GetLastError()方法只返回空值。网络上的一篇文章描述了一种解决方案,利用IIS中的“编辑功能设置…”可以指向“默认页面”。不幸的是,这导致所有其他定义的自定义错误页面被执行两次。在删除定制的500错误页面后(正如Lankymart所建议的),本文中描述的问题得到了解决。

只是想知道
if NoEmail
-语句的逻辑。它检查是否为false,然后将其设置为true。但这一点应该是正确的,因为它没有通过声明。那你去那里干什么?你好,丹尼尔。谢谢你的评论。我自己也很好奇。我相信最初的程序员试图阻止双重电子邮件的发生。我添加的部分是创建供Peerblock使用的IP阻止列表文件。正如您在代码中看到的,这样做是为了阻止黑客多次试图用XMLRPC DOC攻击Wordpress站点。然而,撇开“NoEmail”代码的逻辑不谈,每当站点上发生404错误时,页面都会执行两次。这是最初发布的问题,任何自定义页面都会出现此问题。我一直在谷歌上搜索此问题的解决方案,并试图找出如何与Microsoft联系,但找不到任何主题的信息。您可以尝试使用fiddler