Setup and Installation of Zen Firewall for Dotnet
This guide will walk you through installing and setting up Zen Firewall by Aikido for your application. Follow the steps below to protect your application.
We have first class support for multiple frameworks and database drivers, for the full list check our README on GitHub.
1. Install Zen by Aikido
Zen Firewall for Dotnet comes as a NuGet packages for Core and Framework that need to be installed together with your code so your application can be protected.
Install the package from NuGet:
dotnet add package Aikido.Zen.DotNetCoreConfigure your application to initiate the Zen firewall.
If you are using a startup class, you can add the following to your Startup.cs file:
public void ConfigureServices(IServiceCollection services)
{
// other services
services.AddZenFirewall(Configuration);
// other services
}
public void Configure(IApplicationBuilder app)
{
// other middleware
app.UseZenFirewall(); // place this after userouting, or after authorization, but high enough in the pipeline to catch all requests
// other middleware
}2. Create an app in the dashboard and generate a token
Create your Aikido account if you haven't done so already
Go to the Zen section in Aikido.
Click on Add app.
Choose a name for your app and click Generate token.
Copy the generated token
3. Start Zen Firewall in dry / detection-only mode
Set the token as an environment variable, in appsettings.json or Web.config appSettings depending on your environment.
{
"Aikido": {
"AikidoToken": "your-api-key"
}
}Set the token as an environment variable:
AIKIDO_TOKEN=YOUR_SECRET_TOKENStart your app in dry mode
AIKIDO_BLOCK=falseto ensure it works as expected without blocking any requests. We advise to run Aikido Zen in staging for two weeks to avoid any false positives.
4. Test your app
Browse to your application and perform a couple of actions or open a couple of pages. Zen will automatically discover the routes in your application.
You can verify a working agent by looking at the following pages of your Zen application:
Events: Should show an "Application started" event.
Routes: After some time your application routes will start showing here with the method, route and requests.
Instances: Should show the number of active instances for your application where Zen is installed.
5. Enable Rate limiting and User blocking
Enable additional features like Rate limiting and User blocking from within your code. Check out these examples below. Keep in mind that your specific setup might need adjustments based on your framework and configuration.
.UseRouting()
.Use((context, next) =>
{
// Identify users to the Zen platform
var id = context.User?.Identity?.Name ?? "-1";
var name = context.User?.Identity?.Name ?? "Anonymous";
if (!string.IsNullOrEmpty(id))
Zen.SetUser(id, name, context);
return next();
})
.UseZenFireWall()6. Setup rate limiting in the dashboard
After you've added the Aikido middleware, you can test it out by logging in to your Aikido account and navigating to the Zen dashboard.
To protect a route from brute force attacks, set up rate limiting in the Aikido Dashboard:
Click on the created app.
Go to the Routes tab.
Find the route you would like to limit and click Setup rate limiting.
Follow the instructions to configure the rate limit (e.g., 5 requests per minute).
5. Verify Rate Limiting
Start your app and try to access the route you've rate limited 5 times within a minute. After the fifth attempt, you should receive a rate limit error:
You are rate limited by Aikido firewall. (Your IP: 1.2.3.4)Next steps
Congrats you've successfully installed Aikido Zen. If you encountered any problems, have concerns or have feature requests, don't hesitate to reach out to support.
You can now go and explore the many features that Zen provides:
Additional information:
Last updated
Was this helpful?