Tagged pages

Found 10 articles tagged with Security

Simple Office365 authentication
Use Office365 account login for your application
With so many online and cloud based services, adding one more additional account for your application adds additional complexity level for your users since they will have to manage one more account and remember one more password. Microsft ASP.NET comes with pretty nice built in provides for social networks, but for office usage social networks are not so convenient to be used. ... read more
Advanced IP address filtering in MVC and WebApi
Restrict or allow specific IP addresses to access your WebApi or MVC
Last year I wrote an article about IP address filtering on MVC and WebApi Restrict Access to an MVC Action or Controller based on IP address. Over time the requirements for IP filtering in several web based application increased, so I had t work on this class to make it more extendible and reusable in different scenarios. The new scenarios I wanted to cover are: ... read more
Authentication via headers
Simple Web API authentication using request headers
Authentication in web services is a bit more different than with web pages because of one simple reason. There is no UI for entering credentials to authenticate to consume service... read more
Hide IIS server info in a resposne
Hide server info in ASP.NET with simple web.config setting
Last year I wrote an article about ASP.NET web application security check list. Apparently there are always more things to add to improve your web application security... read more
ASP.NET web application security check list
Things to do before your web application goes live
There are several things to be taken care of during development and before deployment to keep you online web app tip top regarding performance and security. 1. Logging informations ... read more
Restrict image and CSS hotlinking of your ASP.NET website
Blocking hotlinking with IIS Url Rewrite
I did not rely how important to restrict hot-linking until one day my friend came to me and told me that he has to pay additional money for the bandwidth on his website. He was surprised that he reached bandwidth quota limit. It was weird, but after some logging of requests coming to a website we realized that most of the requests were initiated from some other website... read more
The X-Frame-Options response header
Restricting your page being used in IFrames (click jacking)
I found this header option repeating in many guidelines for securing the web application. By adding these headers to response, it restricts browser to load your page into an iFrame tag. ... read more
Restrict Access to an MVC Action or Controller based on IP address
IP Address Filtering in MVC Controller
When you are developing a back-end web application, you might want to restrict access only to people who are working in the company which is maintaining the content or any other operations in the back-end and allowing public access only for the public, usually read-only content. This means you still have to leave some parts of your application public and for some you need to restrict access for the people outside of a network (certain IP range). ... read more
I lost my Umbraco admin password, now what?
A tool to re-set your umbraco user password
So you got a new requirement for the website you worked on ages ago. You try to login to Umbraco but your password is not correct... read more
Google had changed their policy for fetching profile image
New way to fetch google+ profile image
Google have recently decided to change the way you can fetch profile image. Good old building of image URL is not supported anymore after Google has applied security policy. In good old, but unfortunately deprecated approach you only needed profile id to build a URL for fetching Google+ profile image like the following: ... read more