home links tools blog about

configuration docs

home

ReverseDOS 3.1

NOTE: much of the information on this page is superceded (in terms of functionality) by RDOS 3.1's support for rules and granular filtering, as well as by the ability to recognize (and ignore) authorized/authenticated requests.

Please make sure to check out the documentation accompaning RDOS 3.1 before attempting to use any of the documentation below to meet your needs.

Settings Syntax

[optionalItems]
option
"options value"
(defaults)

Global Configuration

ReverseDOS allows for a few global settings, which can be overridden from their default states. If you wish to add specify any of these settings, just add a single <settings> element to your web.config in the <reverseDOS> node, above the <filters> node. Settings are as follows:

<settings>
[enabled="true|false" (default = true) ]
When not enabled, no filtering takes place.
[hideExceptions="true|false" (default = true) ]
When set to true, ReverseDOS just eats internal exceptions while processing requests. Poof! they're gone. This feature really just protects you from any bad coding that Mikeey may have made while writing the thing. If you botch a configuration setting for a filter, those will throw exceptions as soon as the HttpModule attempts to load them. (Yeah, this 'functionality' is almost useless...)
[lagTime="##" (default = 60000 (or 60 seconds)) ]
This optional value specifies, in milliseconds, the number of seconds to ATTEMPT to wait before throwing the 403 Response Code. Every .3 seconds ReverseDOS will check to see if the client is connected, and if they are still connected, will keep stalling them. If they are not connected, ReverseDOS terminates the request, recovering resources (not that stalling a request takes any resources). IF you don't want ReverseDOS to 'stall' requests, just set this value to 0, and the 403 Response Code will be issued immediately.
[responseCode = "###" (default = 403) ]
This is the HTTP Response CODE that ReverseDOS 2.0 will throw when it detects spam. If, for some reason you'd like to throw something other than a 403, this is where you'd set that.
[concurrencyLimit = "#" (default = 6) ]
Specifies the total number of concurrent 'stalling' responses that can be active at any given time. (Having a limit in place makes it so that spammers can't use ReverseDOS against you to DOS your site by tying up all of your threads to service spam requests.)

Trusted Addresses

ReverseDOS allows you to trust certain IPs by adding elements to the <trustedAddresses> node.

<address>
pattern = "string"
This is the pattern you want to match. Like 64.38.127.12. Unless you treat your patterns as regexes, you'll need to add a new <address> node for each pattern/ip address you wish to trust.
[isRegex = "true|false" (default = false) ]
Set to true if you wish to have the pattern evaluated as a regex. Useful when you want to allow entire ranges of IP addresses.

<directory>
pattern="string"
This is the directory you wish to mathc - like /blog/admin.
[isRegex = "true|false" (default = false) ]
Set to true if you wish to have your pattern evaluated as a regex - though you'll probably usually see better results with a non-regex attempt to match.

Filters

Filters differ from other ReverseDOS config nodes in that the element's InnerText represents the pattern to be evaluated. The way this pattern will be evaluated is determined by supporting attributes as follows:

<filter>
[isRegex="true|false" (default = false) ]
Specifies whether or not the pattern should be evaluated as a regular expression.
[matchCount="#" (default = null) ]
Optional numerical value used in conjunction with regex filters. If this value is specified, then a regex pattern must match n times in order to indicated a successful match, where n is the value specified in the attribute.