Identity ClientIP Including Port

[jamescoverdale]

It seems the SetIdentity method includes the port that the client has made the request from. So the ClientIP would look like this 192.168.1.1:32456. This port will change with different requests, especially when requests are coming from scrapers/spiders. This means the request gets a different identity key so previous requests are ignored, meaning the rate limit isn’t applied.

There may be a more obvious way to fix this issue? But my solution was to add the following to my custom filter implementation.

protected override RequestIdentity SetIdentity(HttpRequestBase request)
 {
            var identity = base.SetIdentity(request);
            identity.ClientIp = identity.ClientIp.Substring(0, identity.ClientIp.LastIndexOf(":"));

            return identity;
 }