
Tagged articles - Security

Found 14 articles tagged with Security

Using dotnet nuget package vulnerability scan in Azure DevOps build
Listing nuget vulnerabilities and controlling build in Azure DevOps
Since December 2021, when the Log4Shell vulnerability caused by Log4j, a popular logging package for Java, was discovered, there has been a raised level of awareness about using open-source packages in applications. Because of such cases, it is critical to have an indicator of whether you are using a dependency with a reported vulnerability before you make your application available to a wide audience, practically before you do the production release...read more
Supporting multiple authentication schemes in asp.net core webapi
Using more than one authentication scheme in Web API projects
It is not often that you have to use more than one authentication scheme in your project, but there are some corner cases when you have to do so. One of them is a scenario where you are supporting a weaker authentication scheme such as basic HTTP authentication, where credentials are supplied on pretty much every request. This kind of looser security scheme is to some limited extent suitable for internal APIs, meaning that no one other than users, or most likely applications, within your organization's network will access...read more
Custom SignalR hub authorization in ASP.NET Core
ASP.NET Core SignalR hub authorization
 
SignalR is the number one choice for real-time communication between server and client. It implements several transports for communication between server and client...read more
Simple implementation of ASP.NET Web API Basic authentication security
Securing Web API with simple basic authentication and consuming it from the client code
 
Authentication in web services is a bit different from authentication with web pages for one simple reason: there is no UI for entering credentials to authenticate and consume the service...read more
Exporting SSL certificate to PFX format for using on IIS or Azure
Getting SSL certificate PFX format for IIS or Azure WebApp using OpenSSL
Whether your website requires an SSL-secured connection through HTTPS or not, it is even recommended by Google to use SSL for your website. Starting from 2005, Google page ranking takes into consideration whether your page has an SSL certificate installed and serves content through HTTPS. If you are hosting your website on IIS, you have some built-in tools in Internet Information Services (IIS) Manager for SSL certificate operations, but they are pretty limited and most of the time confusing to use. ...read more
Simple Office365 authentication
Use Office365 account login for your application
With so many online and cloud-based services, adding one more account for your application adds an additional level of complexity for your users, since they will have to manage one more account and remember one more password. Microsoft ASP.NET comes with pretty nice built-in providers for social networks, but for office usage social networks are not so convenient to use. ...read more
IP address filtering from C# code in ASP.NET MVC and Web Api
Restrict or allow specific IP addresses to access your WebApi or MVC
 
Last year I wrote an article about IP address filtering on MVC and WebApi, Restrict Access to an MVC Action or Controller based on IP address. Over time the requirements for IP filtering in several web-based applications increased, so I had to work on this class to make it more extensible and reusable in different scenarios...read more
Hide IIS server info in a response
Hide server info in ASP.NET with simple web.config setting
Last year I wrote an article about ASP.NET web application security check list. Apparently there are always more things to add to improve your web application security...read more
ASP.NET web application security check list
Things to do before your web application goes live
There are several things to be taken care of during development and before deployment to keep your online web app tip-top regarding performance and security. 1. Logging information ...read more
Restrict image and CSS hotlinking of your ASP.NET website
Blocking hotlinking with IIS Url Rewrite
I did not realize how important it is to restrict hot-linking until one day my friend came to me and told me that he had to pay additional money for the bandwidth on his website. He was surprised that he had reached the bandwidth quota limit. It was weird, but after some logging of requests coming to the website we realized that most of the requests were initiated from some other website...read more
The X-Frame-Options response header
Restricting your page being used in IFrames (click jacking)
I found this header option repeated in many guidelines for securing web applications. Adding this header to the response restricts the browser from loading your page in an iframe tag. ...read more
Restrict Access to an MVC Action or Controller based on IP address
IP Address Filtering in MVC Controller
When you are developing a back-end web application, you might want to restrict access only to people who are working in the company which is maintaining the content or any other operations in the back-end and allowing public access only for the public, usually read-only content. This means you still have to leave some parts of your application public and for some you need to restrict access for the people outside of a network (certain IP range). ...read more
I lost my Umbraco admin password, now what?
A tool to reset your Umbraco user password
 
So you got a new requirement for the website you worked on ages ago. You try to log in to Umbraco but your password is not correct...read more
Google had changed their policy for fetching profile image
New way to fetch Google+ profile image
Google has recently decided to change the way you can fetch a profile image. The good old building of the image URL is not supported anymore after Google applied a security policy. In the good old, but unfortunately deprecated, approach you only needed the profile id to build a URL for fetching a Google+ profile image like the following: ...read more
