Shulou(Shulou.com)05/31 Report--

ASP and SQL Server in how to build a web firewall, I believe that many inexperienced people do not know what to do, so this paper summarizes the causes of the problem and solutions, through this article I hope you can solve this problem.

First, establish Login

Set up the visitor's Login and Password on SQL Server.

Second, create the database DSN on the network server

Use the ODBC data Source Manager in the Control Panel to create the ODBC data resource name of a database, DSN, so that you can later connect to a specific database by using the database DSN.

The ODBC data Source Manager provides three kinds of DSN, namely, user DSN, system DSN, and file DSN. Where user DSN saves the corresponding configuration information in the registry of Windows, but only allows login users who create the DSN to use it. The system DSN also saves the relevant configuration information in the system registry, but unlike the user DSN, the system DSN allows all users who log in to the server to use.

Unlike the above two kinds of database DSN, the file DSN saves the specific configuration information in a specific file on the hard disk. The file DSN is available to all users who log in to the server and provides access to the database DSN even if no user is logged in. In addition, because the file DSN is saved in the hard disk file, it can be easily copied to other machines. In this way, users can directly use the DSN created on other machines without making any changes to the system registry.

In the above three kinds of database DSN, users are advised to choose system DSN or file DSN. If users prefer the portability of file DSN, they can obtain higher security by setting file access rights under the NT system.

To create a new DSN, the user first selects add, and then in the pop-up window, select the type of database to which the user will establish a connection and select the "SQL Server" item in the list. If the user is creating a file DSN, click the next button and enter the file name and save path of the file DSN to be created in the dialog box that follows. If the user is building a system DSN, click the finish button.

After selecting the database, the user needs to set up the database DSN. The user needs to select the specific server that provides the database service, set the login user name and password, and the database to which the user will connect.

III. Program design

The next thing to implement is the function of a simple page firewall. This page restricts access only to users of the intranet (assuming that the IP address of the intranet is from 10.61.96? To 10.65.97? If the access is made by a user outside the unit, the access user name and password are required. Here you use the ServerVariables property of the request object, which is used to get the value of the environment variable.

The program source code (firewall.asp) is as follows:

< html > < head > < meta http-equiv= "Content-Type" content= "text/html Charset=gb_2312-80 "> < meta name=" GENERATOR "content=" Microsoft FrontPage Express 2.0 "> < title > firewall.asp < / title > < / head > < body background=" # 800080 "> <% 'get the IP address using Request.ServerVariables (" REMOTE_ADDR ") and save it in the variable remoteip remoteip=Request.ServerVariables (" REMOTE_ADDR ") stip=cstr (remoteip) gets the value of the third segment of the IP address and stores it in stip for item1 to 2 stip=right (stip,len (stip)-instr (1) Stip ".") Next stip=left (stip,instr (1 recording stip, ".")-1)'IP address validity test and password verification, including two aspects: if the IP address matches, it is verified. If the IP address does not match, verify that the user name and password entered are correct if (left (remoteip,5) < > "10.61" or stip < "96" or stip > "97") then username=request.form ("T1") password=request.form ("T2") Set fs = CreateObject ("Scripting.FileSystemObject") Set thisfile = fs.OpenTextFile ("dsn.txt") db loc=thisfile.readline thisfile.close cnstr=db_loc&& "uid=" & & username&& " "& &" pid= "& & password on error resume next set cn=server.createobject (" adodb.connection ") cn.open cnstr if err=3709 then% > < p > < font color=" # FF0000 "> Sorry, user: <% = username% > does not have access Or the password is incorrect! < BR > < / font > < / p > < form method= "POST" > < p align= "center" > username: < input type= "text" name= "T1" size= "20" > password: < input type= "password" name= "T2" size= "20" > < input type= "submit" value= "submit" name= "B1" > < input type= "reset" value= "all rewrite" name= "B2" > < / p > < / form > <% end If cn.close set cn=nothing% > < else > Congratulations You have passed the verification and can use the resources of this site directly! <% end if% > < / body > < / html >

Modify the information above, such as IP address, and the program will be ready to run.

Of course, the above is just a firewall function in a page. If a site has more than one page, you can set a session variable to flag the user, which can be judged in the following pages.

After reading the above, have you mastered how to build a web firewall in ASP and SQL Server? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.