Before the regular IIS process, the module makes a call to the DataDome API using a keepalive connection.
Depending on the API response, the module will either block the query or let IIS continue the regular process.
The module has been developed to protect user experience as if any error was to occur during the process or if the timeout was reached, the module would automatically disable its blocking process and allow those hits.
This module is compatible with .NET Framework 3.5 or later and can be executed using any web server with support of ASP.NET HTTP Modules (e.g. IIS 6+, IIS Express, XSP, Apache with mod_mono).
DataDome integration was successfully tested on Azure VM and Azure WebApp.
https://package.datadome.co/aspnet/DataDome-SystemWeb4-latest.zip
https://package.datadome.co/aspnet/DataDome-SystemWeb4-latest.zip
https://package.datadome.co/aspnet/DataDome-OWIN21-latest.zip
Extract filles and copy contents of the /bin
folder to the /bin
folder of your website.
NuGet Installation
The HTTP Module is available as NuGet package.
You can add it to the project using your favorite IDE (i.e. Visual Studio, Xamarin Studio, MonoDevelop, SharpDevelop), via NuGet console or any other NuGet-compatible
tools (i.e. Continuos Integrations and Delivery tools like TeamCity, Octopus Deploy, etc.)
Install-Package DataDome.SystemWeb
Install-Package DataDome.SystemWeb
Install-Package DataDome.Owin
Registering with SystemWeb
If the Web site does not already have a Web.config
file, create one under the root of the site. Then add the following code to the Web.config
file or update your existing Web.config
and add section above with module registration.
<configuration>
[...]
<system.webServer>
[...]
<modules runAllManagedModulesForAllRequests="true">
[...]
<add name="DataDome" type="DataDome.Web.ConnectorHttpModule, DataDome.SystemWeb" />
</modules>
</system.webServer>
</configuration>
<configuration>
[...]
<system.web>
[...]
<httpModules>
[...]
<add name="DataDome" type="DataDome.Web.ConnectorHttpModule, DataDome.SystemWeb" />
</httpModules>
</system.web>
</configuration>
Check if "IIS->Application Pools->(Your AppPool)->Advanced Settings(on the right)->Load User profile" is true
Registering with Owin
AspNet Dome supplied with the method extension to register the middleware. Below there is an example of the Startup entry point configuration.
using System;
using Microsoft.Owin;
using Owin;
using DataDome.Owin;
[assembly:OwinStartup(typeof(Demo.Startup))]
namespace Demo
{
public class Startup
{
public void Configuration(IAppBuilder app)
{
app.UseDataDome();
// All middleware after Data Dome will be shielded.
}
}
}
update your existing Web.config
and add section above with module registration.
<configuration>
[...]
<system.webServer>
[...]
<modules>
[...]
<add name="DataDome" type="DataDome.Web.ConnectorHttpModule, DataDome.SystemWeb" />
</modules>
</system.webServer>
</configuration>
Check if "IIS->Application Pools->(Your AppPool)->Advanced Settings(on the right)->Load User profile" is true
Module can be configured using appSettings
section of the Web.config
file. Like in the following example:
<configuration>
[...]
<appSettings>
[...]
<add key="dome:domain" value="api.datadome.co" />
<add key="dome:protocol" value="http" />
<add key="dome:license" value="...you secret license key..." />
</appSettings>
</configuration>
dome:domain
URL of the API endpoint
api.datadome.co
dome:protocol
Protocol of the API endpoint
http
dome:pattern
Regular expression to include URLs
N/A
dome:exclusion-pattern
Regular expression to Exclude URLs (exclude static asset)
.*\.(js|css|jpg|jpeg|png|ico|gif|tiff|woff|woff2|ttf|eot)($|\?)
dome:license
License key to access API
dome:timeout
API Connection timeout (in milliseconds)
100ms
Can I upgrade the module
To upgrade DataDome Module you need to add in your bin folder the new ddl file.
Caution: if you upgrade from version older than 2.3 you need to change some setting name.
Can I get Bot Name, Bot Type and Bot/Human flag in my application?
DataDome module can inject headers in the HTTP Request that can be read by your application.
You can find more information here
How can I activate logs?
You can configure tracing by editing the application's configuration Web.config
file. The following is an example of such edit.
For more information on these settings, see the documentation.
<configuration>
[...]
<system.diagnostics>
<trace autoflush="true" />
<sources>
<source name="DataDome" switchValue="Information">
<listeners>
<add
name="FileLog"
type="System.Diagnostics.TextWriterTraceListener"
initializeData="/PATH/DataDome.log"
traceOutputOptions="DateTime"
/>
</listeners>
</source>
</sources>
</system.diagnostics>
</configuration>
How can I enable HTML tracing?
Application has its own trace mode, when all request information is rendered to the HTML output. It can be enabled by enabling this setting:
<configuration>
[...]
<appSettings>
[...]
<add key="dome:trace" value="true" />
</appSettings>
</configuration>