New SiteAvailabilityHttpModule - Based on Client IP Address

As part of my company’s Technical Council, we are working on defining our process for promoting code from one environment to the next.  One of the items we wanted to standardize across our enterprise was how we stop a site during a promotion. 

ASP.NET 2.0 has a nice feature for shutting down a site called App Offline.  As Scott Guthrie from Microsoft puts it, “the way [App Offline] works is that you place this file in the root of the application.  When ASP.NET sees it, it will shut-down the app-domain for the application (and not restart it for requests) and instead send back the contents of the app_offline.htm file in response to all new dynamic requests for the application.  When you are done updating the site, just delete the file and it will come back online.”  You can find more out about this technique from the original blog entry here.

Unfortunately, our requirements were a bit more complicated than was intended with the app_offline.htm.  First, most of our applications were written with the 1.1 framework, so this built-in functionality was not available for our use.  In addition, we wanted the ability for testers to be able to validate the site once the changes had been made.  However, we didn’t want to have to bring the site back up in order to do that.

As I was looking on line, I found another option called the SiteAvailabilityHttpModule.  This module allowed for the site to be shut down by merely configuring an HttpModule within the web.config.  In the Init() event, the module subscribes to the PostAuthorizeRequest event.  Within the event handler, the system determines whether or not the request occurred during an accepted time frame and whether or not the requesting user belonged to the administrator role. 

We didn’t need either of those features for our deployment.  Instead of using a role-based mechanism for determining a user’s access, we wanted to base access on a configured list of client IP addresses.  As a result, we didn’t need to wait until the PostAuthorizeRequest event – we could check these aspects within the first event – BeginRequest instead.  The code is listed below.

void context_BeginRequest(object sender, EventArgs e)


     string ext = Path.GetExtension(HttpContext.Current.Request.Path).ToLower();             

     if(ext == ".aspx")


          if (this.IsEnabled)


               if (!IsClientIPValid())







Notice that you must place a SiteUnavailable.htm file at the root of the site in order to display content if the user’s client IP address does not match one that is configured in the web.config.  You can find the current release for this component here.

Decision to Reject a Counter Offer

So – I have decided to leave my company of 4 ½ years.  It was a difficult decision, as any decision is to leave your company is.  I really have enjoyed working with the various teams that I have been involved with.  The main driving force was a greater need to connect with people locally.  I currently work out of a remote office in Dallas, with the rest of my team being in Chicago, but I enjoy the atmosphere of working with a local team and being able to informally discuss issues and connect at a more personal level.

The problem – I submit my resignation, and within a day, I receive a counter offer.  I won’t go into the specifics of what they offered me, but suffice it to say that I began to wonder if it wouldn’t be worth my while to stay for another year or two. 

I write this post to explain to others and remind myself of why I decided to stick with my decision to leave my current employer.

1.  It’s all a mirage.

The offer from my current employer only really existed the moment that I put my resignation in.  Therefore, it’s really just an illusion.  I can’t rationalize or try to get myself to believe that these two options were going to exist at the time of my initial decision.  It was flattering, though.

2.  Potential Problems

I did all of the online research I could to see if accepting a counter offer was legitimate.  Most information that I gathered suggested that it would not be a good idea, because 99% of the time the employee is gone within 6-12 months either because the original issue was not addressed by the counter offer or the employer replaced the person since they were disloyal.  And most posts mentioned that it was an unethical move.

3.   Integrity is at issue.

The moment that I began to entertain accepting the counter offer, I began to feel wrong inside.  Although I agreed with all of the information I found online, that wasn’t what was really eating at me.  I felt that I was wronging the company that I had said, “yes,” to.  They would have to start their search all over again.  That didn’t feel right.  I couldn’t face myself in the mirror if I felt that I had done something to hurt someone.

4.   Spiritual

And finally, as I lay in bed at night, I found myself crying out to God to give me wisdom.  I wanted to make sure that whatever I chose to do, it was what the Lord thought was right.  And at 2:00 am in the morning, the day before I rejected the counter offer, a verse came to my mind that I had not read for over 6 months:  “Who swears to his own hurt, and does not change…”  This is part of a larger passage of scripture in Psalms chapter 15, where King David asks “O Lord, who shall sojourn in your tent?  Who shall dwell on your holy hill?”  And the list that follows explains the qualities of one who can fellowship with the Lord.  And keeping promises must be high on His list. 

I couldn’t deny the voice of God.  Accepting a counter offer was wrong not only because it isn’t real, it might potentially cause me harm, and it might damage my reputation with others.  It might also cause harm to my neighbor – or in this case, my future employer.  I couldn’t do that with a good conscience.  It would keep me from fellowshipping with the One whom I don’t want to miss out on.