Library tutorials & articles
Top 10 Application Security Vulnerabilities in Web.config Files - Part One
Introduction
Some enlightened software architects and developers are becoming educated on these threats to application security and are designing their Web-based applications with security in mind. By "baking in" application security from the start of the development process, rather than trying to "brush it on" at the end, you are much more likely to create secure applications that will withstand hackers' attacks. However, even the most meticulous and security-aware C# or VB.NET code can still be vulnerable to attack if you neglect to secure the Web.config configuration files of your application. Incorrectly configured Web-based applications can be just as dangerous as those that have been incorrectly coded. To make matters worse, many configuration settings actually default to insecure values.
This article lists five of the "worst offenders" of misconfigurations of application security that are universally problematic for all ASP.NET Web-based applications. Part two of this article will list an additional five misconfigurations that are specifically applicable to ASP.NET sites that use Web Forms authentication. So without further ado, let's get started!
Related articles
Related discussion
-
Buy cheap Xanax overnight. Cheap Xanax. Overnight delivery of Xanax in US no prescription needed. Cheapest Xanax.
by asleymar (0 replies)
-
Buy Soma online without a prescription. Soma drug no prescription. How to get Soma prescription. Soma cod accepted.
by asleymar (0 replies)
-
Cheap online order Fioricet. Cheap discount Fioricet. Offshore Fioricet online. How to buy Fioricet online without a prescription.
by asleymar (0 replies)
-
Buy Ambien no visa without prescription. Not expensive Ambien prescriptions. Ambien no rx. Cod delivery Ambien.
by asleymar (0 replies)
-
Tramadol without doctor rx. Buy Tramadol over the counter cod overnight. Cheap Tramadol cod delivery. Buy Tramadol from mexico online.
by asleymar (0 replies)
Related podcasts
-
Episode 36: Scott Watermasysk
This week, the Herding Code cast talks shop with Scott Watermasysk about cloud computing, blogging platforms, Internet Explorer, the DotNetOpenId project and much more: Scott W, Scott K and Jon discuss Azure, Amazon Web Services and Google App Engine. Jon asks Scott W to share his thoughts on bl...
Events coming up
-
Mar
15
DevWeek 2010
London, United Kingdom
DevWeek is Europe’s leading independent conference for software developers, database professionals and IT architects, and features expert speakers on a wide range of topics, including .NET 4.0, Silverlight 3, WCF 4, Visual Studio 2010, REST, Windows Workflow 4, Thread Synchronization, ASP.NET 4.0, SQL Server 2008 R2, LINQ, Unit Testing, CLR & C# 4.0, .NET Patterns, WPF 4, F#, Windows Azure, ADO.NET, Entity Framework, Debugging, T-SQL Tips & Tricks, and more.
This thread is for discussions of Top 10 Application Security Vulnerabilities in Web.config Files - Part One.