Tag Archives: tips ASP.NET hosting

ByAlexia Pamelov

Cheap Windows Hosting Tutorial – Tips Easy To Transfer Domain Name

CheapWindowsHosting.com | Best and cheap windows ASP.NET hosting. In this post I will explains you about tips to transfer domain names. Here are a few tips that will certainly make the process of a domain name transfer a lot easier for you:

domain-transfer

  • Firstly, avoid domain name transfers if you are near your date of renewal. Give yourself ample time before initiating these transfers just in case there is something which goes wrong. Two weeks is doable, a month is recommended. Anything less than that and you will be cutting it real close.
  • You should also make sure that the domain you want to transfer has been unlocked before you begin this process or your request for a transfer is going to be denied. Domains are usually locked in order to prevent any unauthorized transfers. So if you are ready to begin a transfer, you should first go to the control panel of your domain and unlock it.
  • Ensure that the contact email ID in your website account is correct. Most of the process of transfer will rely on email notifications at each step. If you aren’t getting all of these notifications, it is going to slow down the process drastically. Also, there are many registrars who do not allow transfers if any of the registrant details have been changed in the last few months. Go through the transfer FAQ of your registrar before you change any of your contact information.
  • In the case of most domains, you are going to require a special code that will come from your registrar. But since nothing is so simple as far as domain transfers are concerned, the code is going to be called a number of different things like authorization code, EPP, transfer key, AuthInfo code, transfer secret, etc. There are certain registrars who may just provide this code in the control panel directly. Others may send it to you in an email. Again, if you are stuck, the transfer FAQ of your registrar will help you progress.
  • Keep a look out for an email from the new registrar regarding the transfer request. Be sure to accept the transfer when you get this email. You should get a similar email from the old registrar too along with an intimation that your transfer is pending. If you don’t finish these steps on your own, your transfer may be delayed by a number of days or may just be blocked completely.
  • You should also note down the services which you are using through your present registrar like domain parking, email, forwarding, custom DNS, etc. You are going to have to ensure that the new registrar also offers these services to you and set each of them up once the transfer has been completed. You should know that there is going to be a time lag between the time when your services are stopped by the old registrar and restarted by the new register.

This may seem like a whole lot to remember but once you have transferred a few domains successfully, the process will start to appear a lot simpler and you will not have too much trouble anymore.

ByAlexia Pamelov

Cheap Windows ASP.NET Hosting Tutorial – Tips for Developing a Secure ASP.NET Web Application

CheapWindowsHosting.com | Best and cheap ASP.NET hosting.  As the usage of the internet and the number of web applications over the internet have gone exponentially high there are bad people who continuously work around the clock to hack them. It may be for personal gain or just as an amateur act. Despite the intention of the bad guy the damage caused to the organization hosting the site or its users should be taken into account. As a professional web application developer it is a must to be aware of the best practices to follow in order to make the application more secure. In this article I will be listing and explaining my top 7 tips for developing a secure asp.net application.

Best OFFER Cheap ASP.NET 5 Hosting ! Click Here

Don’t Let Your Users be Victims of Click Jacking

Have you ever thought about someone framing your website onto theirs, making your users to be the victims of click jacking? Yes, the attackers can load your website onto their site in an iframe. They can then skillfully place their transparent controls over your website and fetch the PII information, user credentials, make them perform an unwanted task like exposing their financial information, etc.

In order to prevent that you will have to use a frame busting technique. The following script will not allow your website to be iframed. This can be placed in your master pages.

<script type="text/javascript" language="javascript">
       //Check if the top location is same as the current location
       if (top.location.hostname != self.location.hostname) {
           //If not then set the top to you current
           top.location.href = self.location.href;
       }
   </script>

In addition to the above script don’t forget to add the following header, which informs the browser to DENY framing of this website. This is supported in all major browsers except IE versions less than 8.

The header should be added in the global.asax application start event.

protected void Application_Start(object sender, EventArgs e)
{
            HttpContext.Current.Response.AddHeader("x-frame-options", "DENY");
}

White List the Request URL

Though we have many techniques to perform the security preventions inside the application it is most important to prevent the bad data from being entered into your website at the first place. Most attacks happen through the query string values passed through the URL. It is a best security practice to define a common place like an HttpModule to white list the URL, i.e. sanitize the entire URL with a set of white listed characters and drop all the bad ones. It means you will not encourage any other characters apart from a white listed set defined in your application.

It is important for you to know that black listing is not a foolproof mechanism and it can be broken by the hackers easily.

Practice of Encoding the Data

While processing and sending, the data in the response that is fetched from outside the trust boundary should always be encoded. The type of encoding may differ based on the usage of the non-trusted data. For example perform an HtmlEncode for the data that is sent to the client page.

Label1.Text = Server.HtmlEncode(Request.QueryString["BadValue"]);

Encoding the data will make the XSS scripts inactive and prevent them from being executed. Microsoft has provided the AntiXss library, which provides more sophisticated encoding methods including the JavascriptEncode.

Using Cookies

As a web developer you should take utmost care while using cookies, which may open a back door for the hackers to get into your applications. Following are the best practices while using a cookie to store information.

  • Is your website is hosted under SSL? Then be sure to mark your cookies as secure. This will make them available only in the SSL transmissions.
HttpCookie cookie = new HttpCookie("MySecureCookie");
  cookie.Value = "This is a PII information";
  cookie.Secure = true;
  • If your website is not SSL enabled then always encrypt the values using a strong encryption mechanism like AES 256 and then store them in the cookies.

Secure the Service Calls (WCF / Web Service)

Are you exposing WCF services through basicHttpBinding? Then think again because the messages transmitted over will be plain text and any intruder will be able to trap the requests and even simulate them easily. Use wsHttpBinding, which will transport the messages in an encrypted format, which makes the life of the intruder hard.

Though you make lots of protections for your WCF or web services it is a best practice to host the services under an SSL layer.

Never Deploy the Application with debug=”true”

It is strongly recommended not to deploy your applications in the production environment with compilation debug=”true” in your web.config. This will result in a big nightmare for performance and security of the application.

This may leak too much information for the attackers, for example the stack trace in the event of an unhandled exception and the debug trace information. Such exposure of the internals will be good bucks for the attackers

<system.web>
        <compilation debug="false" targetFramework="4.0" />
    </system.web>

Thinking About Turning Off ViewStateMAC?

Turning off ViewStateMAC will create a security loophole in your asp.net application if you are using Viewstate on your web pages. The intruders will easily be able to intercept, read the 64 bit encoded values and modify them to do some bad things to your website. Having it turned on ensures that the viewstate values are not only encoded but also a cryptographic hash is performed using a secret key.

<pages enableViewStateMac="true"></pages>

I hope this article is useful for the developers who thrive at making their asp.net application an absolutely impossible place for the hackers to deal with.

Happy reading!

 

ByAlexia Pamelov

Cheap Windows ASP.NET Hosting – Tips To Boost Your ASP.NET Performance

CheapWindowsHosting.com | Best and cheap ASP.NET hosting. In this post we will explain about how to boost your ASP.NET performance.

ASP.NET is a web application server framework that has been designed to make the process of website development easier , especially for the creation of dynamic web pages . It is important to understand the usefulness of ASP.NET applications in building efficient , robust and reliable .

businessman-with-a-computer_1012-166

Below are my top 7 tips to improving ASP.net application Performance :

1 . Use HTTPServerUtility.Transfer instead of Response.Redirect

Redirect ‘s are also very chatty . They should only be used when you are transferring people to another physical web server . For any transfers within your server , use . Transfer! You will save a lot of needless HTTP requests.

2 . Always check Page.IsValid when using Validator Controls

So you’ve dropped on some validator controls , and you think your good to go Because ASP.net does everything for you ! Right ? Wrong ! All that happens if bad the data is received is the IsValid flag is set to false . So the make sure you check Page.IsValid before processing your forms !

3 . Deploy with Release Build

Make sure you use the Release Build mode and not Debug Build when you deploy your site to production . If you think this does not matter , think again . By running in debug mode , you are creating PDB ‘s and cranking up the timeout . Deploy Release mode and you will see the speed improvements .

4 . Pre – Compiling ASP.NET Application

When compiling an ASP.NET application project , a single assembly is created to hold all the application ‘s code but the web pages ( . Aspx ) and user controls ( . Ascx ) not compiled and be deployed as it is . In the first request ASP.NET dynamically compiles the web pages and user control and places the compiled files in the ASP.NET temporary files folder .

To reduce the time of the first request a web application can be pre-compiled , Including all the code , pages , and user controls , by using the ASP.NET compilation tool ( Aspnet_compiler.exe ) . Running this tool in production servers can reduce the delay users experience on first requests .

  • Open a command prompt in your production server .
  • Navigate to the % windir % Microsoft.Net folder
  • Navigate to either the Framework or Framework64 According to the configuration of the web application ‘s application pool .
  • Navigate to the framework version ‘s folder .
  • Enter the following command to start the compilation

Aspnet_compiler.exe – v / FullPathOfYourWebApplication

5 . Disable Session State

Disable Session State if you’re not going to use it . By default it ‘s on . You can actually turn this off for specific pages, instead of for every page :

< % @ Page language = " c # " Codebehind = " WebForm1.aspx.cs "

AutoEventWireup = “false ” Inherits = ” WebApplication1.WebForm1 “

">EnableSessionState = "false " % >

mode value to Off. “>You can also disable it across the application in the web.config by setting the value to Off mode .

6 . Repeater Control Good, DataList, DataGrid, and DataView controls Bad

Asp.net is a great platform , unfortunately a lot of the controls that were developed are heavy in html , and create not the greatest scaleable html from a performance standpoint . ASP.net repeater control is awesome ! Use it ! You might write more code , but you will thank me in the long run !

7 . Create Per -Request Cache

Use HTTPContect.Items to add single page load to create a per – request caching.

Best ASP.NET Core 1.0 Hosting Recommendation

asphostportal-icon-e1421832425840-120x120-e1424663413602ASPHostPortal.com provides its customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server. ASPHostPortal.com offers ASP.NET hosting starts from $1/month only. They also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable ASP.NET Hosting, ASPHostPortal.com should be your best choice.

Simpan

Simpan