CheapWindowsHosting.com | Best and cheap windows ASP.NET hosting. In this post I will explains you about tips to transfer domain names. Here are a few tips that will certainly make the process of a domain name transfer a lot easier for you:
This may seem like a whole lot to remember but once you have transferred a few domains successfully, the process will start to appear a lot simpler and you will not have too much trouble anymore.
CheapWindowsHosting.com | Best and cheap ASP.NET hosting. As the usage of the internet and the number of web applications over the internet have gone exponentially high there are bad people who continuously work around the clock to hack them. It may be for personal gain or just as an amateur act. Despite the intention of the bad guy the damage caused to the organization hosting the site or its users should be taken into account. As a professional web application developer it is a must to be aware of the best practices to follow in order to make the application more secure. In this article I will be listing and explaining my top 7 tips for developing a secure asp.net application.
Best OFFER Cheap ASP.NET 5 Hosting ! Click Here
Have you ever thought about someone framing your website onto theirs, making your users to be the victims of click jacking? Yes, the attackers can load your website onto their site in an iframe. They can then skillfully place their transparent controls over your website and fetch the PII information, user credentials, make them perform an unwanted task like exposing their financial information, etc.
In order to prevent that you will have to use a frame busting technique. The following script will not allow your website to be iframed. This can be placed in your master pages.
<script type="text/javascript" language="javascript">
//Check if the top location is same as the current location
if (top.location.hostname != self.location.hostname) {
//If not then set the top to you current
top.location.href = self.location.href;
}
</script>
In addition to the above script don’t forget to add the following header, which informs the browser to DENY framing of this website. This is supported in all major browsers except IE versions less than 8.
The header should be added in the global.asax application start event.
protected void Application_Start(object sender, EventArgs e)
{
HttpContext.Current.Response.AddHeader("x-frame-options", "DENY");
}
Though we have many techniques to perform the security preventions inside the application it is most important to prevent the bad data from being entered into your website at the first place. Most attacks happen through the query string values passed through the URL. It is a best security practice to define a common place like an HttpModule to white list the URL, i.e. sanitize the entire URL with a set of white listed characters and drop all the bad ones. It means you will not encourage any other characters apart from a white listed set defined in your application.
It is important for you to know that black listing is not a foolproof mechanism and it can be broken by the hackers easily.
While processing and sending, the data in the response that is fetched from outside the trust boundary should always be encoded. The type of encoding may differ based on the usage of the non-trusted data. For example perform an HtmlEncode for the data that is sent to the client page.
Label1.Text = Server.HtmlEncode(Request.QueryString["BadValue"]);
Encoding the data will make the XSS scripts inactive and prevent them from being executed. Microsoft has provided the AntiXss library, which provides more sophisticated encoding methods including the JavascriptEncode.
As a web developer you should take utmost care while using cookies, which may open a back door for the hackers to get into your applications. Following are the best practices while using a cookie to store information.
HttpCookie cookie = new HttpCookie("MySecureCookie");
cookie.Value = "This is a PII information";
cookie.Secure = true;
Are you exposing WCF services through basicHttpBinding? Then think again because the messages transmitted over will be plain text and any intruder will be able to trap the requests and even simulate them easily. Use wsHttpBinding, which will transport the messages in an encrypted format, which makes the life of the intruder hard.
Though you make lots of protections for your WCF or web services it is a best practice to host the services under an SSL layer.
It is strongly recommended not to deploy your applications in the production environment with compilation debug=”true” in your web.config. This will result in a big nightmare for performance and security of the application.
This may leak too much information for the attackers, for example the stack trace in the event of an unhandled exception and the debug trace information. Such exposure of the internals will be good bucks for the attackers
<system.web>
<compilation debug="false" targetFramework="4.0" />
</system.web>
Turning off ViewStateMAC will create a security loophole in your asp.net application if you are using Viewstate on your web pages. The intruders will easily be able to intercept, read the 64 bit encoded values and modify them to do some bad things to your website. Having it turned on ensures that the viewstate values are not only encoded but also a cryptographic hash is performed using a secret key.
<pages enableViewStateMac="true"></pages>
I hope this article is useful for the developers who thrive at making their asp.net application an absolutely impossible place for the hackers to deal with.
Happy reading!
CheapWindowsHosting.com | Best and cheap ASP.NET hosting. In this post we will explain about how to boost your ASP.NET performance.
ASP.NET is a web application server framework that has been designed to make the process of website development easier , especially for the creation of dynamic web pages . It is important to understand the usefulness of ASP.NET applications in building efficient , robust and reliable .
Below are my top 7 tips to improving ASP.net application Performance :
1 . Use HTTPServerUtility.Transfer instead of Response.Redirect
Redirect ‘s are also very chatty . They should only be used when you are transferring people to another physical web server . For any transfers within your server , use . Transfer! You will save a lot of needless HTTP requests.
2 . Always check Page.IsValid when using Validator Controls
So you’ve dropped on some validator controls , and you think your good to go Because ASP.net does everything for you ! Right ? Wrong ! All that happens if bad the data is received is the IsValid flag is set to false . So the make sure you check Page.IsValid before processing your forms !
3 . Deploy with Release Build
Make sure you use the Release Build mode and not Debug Build when you deploy your site to production . If you think this does not matter , think again . By running in debug mode , you are creating PDB ‘s and cranking up the timeout . Deploy Release mode and you will see the speed improvements .
4 . Pre – Compiling ASP.NET Application
When compiling an ASP.NET application project , a single assembly is created to hold all the application ‘s code but the web pages ( . Aspx ) and user controls ( . Ascx ) not compiled and be deployed as it is . In the first request ASP.NET dynamically compiles the web pages and user control and places the compiled files in the ASP.NET temporary files folder .
To reduce the time of the first request a web application can be pre-compiled , Including all the code , pages , and user controls , by using the ASP.NET compilation tool ( Aspnet_compiler.exe ) . Running this tool in production servers can reduce the delay users experience on first requests .
Aspnet_compiler.exe – v / FullPathOfYourWebApplication
5 . Disable Session State
Disable Session State if you’re not going to use it . By default it ‘s on . You can actually turn this off for specific pages, instead of for every page :
< % @ Page language = " c # " Codebehind = " WebForm1.aspx.cs "
AutoEventWireup = “false ” Inherits = ” WebApplication1.WebForm1 “
">EnableSessionState = "false " % >
mode value to Off. “>You can also disable it across the application in the web.config by setting the value to Off mode .
6 . Repeater Control Good, DataList, DataGrid, and DataView controls Bad
Asp.net is a great platform , unfortunately a lot of the controls that were developed are heavy in html , and create not the greatest scaleable html from a performance standpoint . ASP.net repeater control is awesome ! Use it ! You might write more code , but you will thank me in the long run !
7 . Create Per -Request Cache
Use HTTPContect.Items to add single page load to create a per – request caching.
ASPHostPortal.com provides its customers with Plesk Panel, one of the most popular and stable control panels for Windows hosting, as free. You could also see the latest .NET framework, a crazy amount of functionality as well as Large disk space, bandwidth, MSSQL databases and more. All those give people the convenience to build up a powerful site in Windows server. ASPHostPortal.com offers ASP.NET hosting starts from $1/month only. They also guarantees 30 days money back and guarantee 99.9% uptime. If you need a reliable affordable ASP.NET Hosting, ASPHostPortal.com should be your best choice.