WebSurge-Allow.txt and Robots.txt to run Load Tests

As a measure to prevent Denial of Service attacks on random sites, WebSurge has a few requirements without which Load Tests cannot be run.

The target Web Server must have one of the following:

  • A local IP Address
  • websurge-allow.txt in the root folder
  • robots.txt with Allow: WebSurge entry

Without one of these conditions in place, a Load Test will not start. When running from the CLI you'll get an error response for each request, that provides this same error text.

Here's what the error message looks like when starting a load test:

Note: Individual URL tests always work against target URLs, even if the above requirements are not met. These rules apply only when running a load test.

Local IP Address

If you are local to the server you are testing and the IP Address in use is localhost, 127.0.0.1 or the actual local IP Address or a locally mapped domain, Load Tests are allowed without further requirements.

The reasoning is that if you can access the local machine you are the owner of the site and you are allowing the Load Test, as well as for the typical local debugging scenario for software development scenarios.

Required Server Files

For remote servers, you need to prove that you own the servers by providing one of the following files in a well known location in the root of the Web site.

websurge-allow.txt

You can place websurge-allow.txt file in the root folder of your Web site.

The content of the file is ignored as long as the request to /websurge-allow.txt returns an HTTP 200 response.

robots.txt

If you already have a robots.txt file in the root of your site, you can add the following text:

Allow: WebSurge

WebSurge looks for the robots.txt file in the root of the Website and then checks for Allow: WebSurge directive before allowing access to the site.

Make sure the files are Accessible via HTTP

It's important that websurge-allow.txt or robots.txt are not just placed in the root of your site, but are also accessible via HTTP. This can be a problem for ASP.NET MVC applications which often don't serve static file content from disk.

To work around this you may have to set up a custom route to specifically allow the files to be served. For more info on how to handle this ASP.NET MVC and IIS please see this post.


© West Wind Technologies, 2014-2023 • Updated: 10/11/23
Comment or report problem with topic