Ask your technical questions on forums or here :
ASP.NET or MVC | C# | Windows Phone
Microsoft Technology Journals by Abhimanyu K Vatsa
Showing posts with label Security. Show all posts
Showing posts with label Security. Show all posts

3 Jun 2017

Free SSL Certificate for your website - from CloudFlare

In this video post you will learn about free SSL certificate and its installation. This free SSL certificate is from CloudFlare but due to lack of installation guidelines and step by step we as a developer ignores this. Using CloudFlare SSL is a great advantage because you get other service for free too. Off-course, with paid plans you will get all the gems. Remember this never affects your SEO ranks.

Now, let's begin talking about this free SSL certificate. CloudFlare SSL sits between your user and your hosting server. So any potential attack is taken care by CloudFlare before they reach your server. So your user will see SSL certificate till their request reaches CloudFlare server.

If you already have a website running without SSL and you want to get this, then i would recommend to take a screenshot of your domain NS, CNAME, A, AAAA, MX records before you try this.

If you don't want any downtime, off-course, then steps would be like: whatever settings you have on your domain dashboard DNS (including CNAME, A, AAAA, MX etc) copy them to CloudFlare and set Flexible SSL option on crypto page. After that wait for 24 hours or email confirmation from CloudFlare regarding SSL issuance.

Once you get confirmation, just update/use CloudFlare NS records on your domain dashboard, that's it. Just wait for DNS propagation for few hours then you will start browsing using SSL.

Now here's the video that will guide you end to end to setup this.

Hope this helps.

25 Nov 2013

Seeding ASP.NET Identity Database

In this post you will learn how to seed User’s Profile database tables (AspNetUsers and UserProfileInfoes, we created in last post) with dummy data.

24 Nov 2013

Customizing User's Profile to add new fields in brand new database table

In this post you will learn how to customize User’s Profile and add new fields/properties/columns (FirstName, LastName and EmailID) in a brand new table with ASP.NET Identity System.

23 Nov 2013

Customize User's Profile in ASP.NET Identity System

Note: You should read this post instead, I found below walkthrough will not work on ASP.NET Identity 2. I will re-work on this post soon.

In this post you will learn how to customize User’s Profile and add some more fields like FirstName, LastName, EmailID etc with ASP.NET Identity System. In my last post I listed some of the great new features introduced with Identity system.

19 Nov 2013

ASP.NET Identity System in Visual Studio 2013 - New Feature

In this post you will learn about a very new enhancement in ASP.NET Framework technologies (MVC, Web Forms, Web Pages, Web API and SignalR) known as ‘ASP.NET Identity System’ with the release of Visual Studio 2013. This enhancement well defines the meaning of ‘One ASP.NET’, because this can be used with all ASP.NET Framework technologies more easily than before.

29 May 2013

Windows Authentication in MVC4 with IIS Express

MVC4 gone through some major changes in Windows Authentication functionality with IIS Express. In this article you will learn how to enable Windows Authentication in MVC4 Web Application on IIS Express, just follow the given steps.

2 Mar 2013

Enable Password Resetting with Simple Membership in MVC 4

In this article you will learn how to enable password resetting (in case user forgot the password) with Simple Membership in MVC. User needs to type his username and system will check its existence, if found correct this will send an email containing dynamically generated URL with username and password reset token.

22 Feb 2013

Output Caching in MVC

In this article you will learn everything about ‘Output Caching in MVC’. I will take you by showing some real examples to make your view crystal clear.

19 Feb 2013

Best way to prevent Cross Site Request Forgery Attacks in MVC 4

In this article you will learn what CSRF is and best way to prevent such attacks. After a quick introduction about CSRF I will show you an example where attacker will change the profile information with one-click.

16 Feb 2013

Avoiding Cross-Site Scripting (XSS) Attacks with AntiXSS in MVC 4

In this article you will learn how to avoid XSS attacks in MVC Application with Microsoft’s AntiXSS library. I will show you a case where user will submit the malicious HTML markup with message and it will start displaying annoying alert. Then I will move on and show you how to prevent it with AntiXSS.

23 May 2012

Free eBook - OWASP Top 10 for .NET Developers


My one of the techie friend Troy Hunt (Microsoft MVP) got a free eBook titled "OWASP Top 10 for .NET developers" for you. I've gone through this eBook and find it awesome. He really did a great job. I recommend you to read this if you really want to improve your .NET security skills.

The complete eBook has 10 Parts with 255 Pages.

Go here, and download that eBook.