IIS (ASP.Net)
DataDome IIS module detects and protects against bot activity.
Before the regular IIS process starts, the module makes a call to the DataDome API using a KeepAlive connection.
Depending on the API response, the module will either block the query or let the IIS proceed with the regular process.
The module has been developed to protect the users' experience: if any errors were to occur during the process or if the timeout is reached, the module will automatically disable its blocking process and allow those hits.
Compatibility
This module is compatible with .NET Framework 3.5 or later and can be executed using any web server with support for ASP.NET HTTP Modules (e.g. IIS 6+, IIS Express, XSP, Apache with mod_mono).
DataDome integration has been successfully tested on Azure VM and Azure WebApp.
Prerequisites
In order for DataDome to run, the following features should be installed on the IIS server:
- ASP.net
- HTTP Activation
- ISAPI
Installation
DataDome support 2 interfaces for integrating with IIS:
- System.web installation (Recommended): Module System.web
- OWIN (Open Web Interface for .Net): Module Owin
Settings
| Settings | Description | Default |
|---|---|---|
| dome:domain | API endpoint URL Available endpoints | api.datadome.co |
| dome:protocol | API endpoint protocol | http |
| dome:pattern | Regular expression to include URLs | N/A |
| dome:exclusion-pattern | Regular expression to exclude URLs (exclude static asset) | exclude static assets |
| dome:license | License key to access the API | |
| dome:timeout | API connection timeout (in milliseconds) | 100 |
| dome:processIPs | Only process requests that are from selected IP addresses over the API server. This is a comma separated list of IPv4 or IPv6 networks. By default, the value includes blank addresses, similar to 0.0.0.0/0,::/0 | N/A |
| dome:skipIPs | Do not send requests incoming from specified IPv4 or IPv6 networks to the API server. By default, the value is blank, meaning there are no addresses to skip. |
Regular expression
Both parameters
dome:patternanddome:exclusion-patterndoes not use query string parameters
FAQ
Can I upgrade the module?
To upgrade the DataDome Module you need to add the new .dll file in your bin folder.
Caution: if you upgrade from a version older than 2.3, you need to change some of the settings' names.
Can I get Bot Name, Bot Type and Bot/Human flags in my application?
DataDome module can inject headers in the HTTP request that can be read by your application.
For IIS, check if "Server roles -> Web Server (IIS)-> Web Server -> Common HTTP Features-> Health and diagnostics-> Custom logging" is enabled.
You can find more information here.
How can I activate debug logs?
You can configure tracing by editing the application's configuration Web.config file. Below is a sample of an edited Web.config.
For more information on these settings, refer to the following documentation.
<configuration>
[...]
<system.diagnostics>
<trace autoflush="true" />
<sources>
<source name="DataDome" switchValue="Information">
<listeners>
<add
name="FileLog"
type="System.Diagnostics.TextWriterTraceListener"
initializeData="/PATH/DataDome.log"
traceOutputOptions="DateTime"
/>
</listeners>
</source>
</sources>
</system.diagnostics>
</configuration>
How can I enable HTML tracing?
Caution: This setting should be applied in the development environment only
The application has its own trace mode. The request's information is rendered to the HTML output. It can be enabled through the below setting:
<configuration>
[...]
<appSettings>
[...]
<add key="dome:trace" value="true" />
</appSettings>
</configuration>
How can I use a proxy?
The module can send the request through your proxy server. This can be enabled by specifying the proxy address in the Web.config file.
For more information on these settings, refer to the following documentation.
<configuration>
[...]
<system.net>
[...]
<defaultProxy>
<proxy proxyaddress="http://192.168.1.10:3128" />
</defaultProxy>
</system.net>
</configuration>
Updated 2 months ago