Users can install and run multiple versions of the .NET Framework on their computers. When you develop or deploy your app, you might need to know which .NET Framework versions are installed on the user’s computer.
Microsoft Security Advisory 4021279: Microsoft is releasing this security advisory to provide information about vulnerabilities in public .NET Core and ASP.NET Core. This advisory also provides guidance on what developers can do to update their applications correctly.
Just stumbled upon the Threads in C# blogpost on CsharpStar. The post gives a nice introduction into what threads in the .NET Framework are, and how to use .NET Thread Class (System.Threading.Thread namespace) for multi-threading, foreground- and background threads and so on.
Securify reports: A DLL side loading vulnerability was found in the .NET Framework version 4.6 when running on Windows Vista or Windows 7. This issue can be exploited by luring a victim into opening an Office document from the attacker’s share. An attacker can use this issue to execute arbitrary code with the privileges of […]
How to remove HTTP response headers in IIS 7, 7.5, 8.0, 8.5, and ASP.NET. Windows Server IIS loves to tell the world that a website runs on IIS, it does so with the Server header in the HTTP response, as shown below. In this post I’ll show you how to remove response server headers in […]
Simple MySQL connection test from your website with ASP.NET, PHP & classic ASP. Whenever you need a MySQL connectivity test from a website or server, it’s handy to have various test scripts nearby. Whether it is because you are setting up a new website or you have just installed a new server and are running […]
How to add custom headers to System.Net.Mail? When sending an email using the MailMessage class (System.Net.Mail namespace) in an ASP.NET website, certain email headers like Message-ID are not always set. When a Message-ID header is missing, email might be blocked by the recipients SMTP server. Therefore it is necessary to set such headers…
How to target multiple ASP.NET versions with AppCmd? When administering an IIS web server you frequently have to use AppCmd.exe to make configuration changes. Whether it is for a specific web site or server wide. Some might think AppCmd has its limitations; for example if they don’t know the options to use they might think […]
This post provides links to some articles I found last week. The posts might be interesting in various fields of expertise, for either system administrators or developers (DevOps). Topics include: web security, WordPress performance, jQuery, ASP.NET MVC caching, partial trust, view state MAC, and fixing IIS website hangs.
Today one of our clients received a System.Net.WebException error on a newly deployed ASP.NET web application. Part of the exception was: “System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.“. Here is how we resolved that issue.
(ASP).NET programmers have to keep certain rules in mind when developing high performance ASP.NET applications, and/or optimizing your existing ASP.NET website. A lot of information is available on this subject. In this post I’ll share some valuable posts, and I continue to update this post when I find something new. Posts about ASP.NET performance I […]
Asp.Net Application Security. Ensure that your ASp.NET application is not susceptible to the scripting attacks that are out there
Defend Against Cross-Site Scripting Using The HTML Encode Shortcuts. The .NET 4.0 & 4.5 frameworks introduced new syntax shortcuts to HTML encode dynamic content being rendered to the browser. These shortcuts provide an easy way to protect against Cross-Site Scripting (XSS) attacks in the newer versions of the .NET framework.
Authenticated SMTP and TLS script examples for ASP, PHP, ASP.NET (C#/VB.Net): if you want to send secure email from your website, over an TLS-encrypted connection, this post is for you! In this post I’ll provide some code examples that you can use to send secure, and authenticated, SMTP email from your website.
Free eBook: OWASP Top 10 for .NET developers