How do I assess whether my ASP.NET web application is easy to break into?
Question
I have to develop an ASP.NET web application and publish it in Windows Azure so that it runs there under IIS7. I don't have any serious experience developing such applications. I constantly hear that "site X was broken into because it was doing Y in a very stupid way". I'm kind of paranoid that I might also be doing Y (and also Z) in a very stupid way and have my application hacked in no time.
Is there a good guideline of making well protected ASP.NET web sites?
3 answers
solution1
3 ACCPTED 2011-07-18 08:11:47
Take a look at the OWASP site and set of guidelines. They are rather extensive.
They have several tools that will detect some types of vulnerabilites.
solution2
2 2011-07-18 08:11:01
You may want to start from the recommended Microsoft Asp.net security practices and browse the various subsections from here. I think it's Asp.net 2.0 related but most of the guidelines still apply (what version will you be working on?).
EDIT : here's the latest version for .net 4.0
solution3
1 2011-07-18 21:45:55
Take a look at the OWASP Top 10 for .NET Developers series. This will give you a step-by-step guide on how to protect against specific vulnerabilities for apps using the ASP.NET framework.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.