Block IP Addresses to SQL Server using a Logon Trigger

http://www.sqlservercurry.com/2010/09/block-ip-addresses-to-sql-server-using.html

 

We were testing a scenario and wanted to block SQL Server connection through certain IP addresses. Here’s how we solved the requirement using a Logon Trigger

CREATE TRIGGER AllowLocalOnly
ON ALL SERVER
FOR LOGON
AS
BEGIN
DECLARE @IP Varchar(500)
SET @IP = EVENTDATA().value
('(/EVENT_INSTANCE/ClientHost)[1]', 'varchar(500)')
IF @IP
IN ('172.16.255.11', '172.20.254.1', '172.26.254.12')
BEGIN
Print 'There I caught you ' + @IP
ROLLBACK TRANSACTION
END
END
GO

If the user tries to login through any of these I.P. addresses, the Logon trigger will fire after the authentication phase of logging, but before the user session is actually established, and rollback the transaction. This will restrict Login to SQL Server.

If there is an attempt to login from any of these I.P. Addresses, you can find out by searching the SQL Server error log for something similar to – ‘There I caught you 172.16.255.11 ’. Although I haven’t tried but you can also send an email instead of just printing the error in the error log.

Note: Logon Triggers are available only from SQL Server 2005 SP2 onwards.

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值