WCF Security
Hi all, I'm not sure if this is the appropriate forum for my questions but here goes. Suppose I have an app that uses WCF to send and receive text messages and image files across the web, and the...
View ArticleStrange IP Addresses and Service Providers
In my analytics, I'm seeing hits to my websites.Many of them are government IP addresses such as the DOD (Department of Defense)I also have this information that I don't understand[ipv4 address block...
View ArticleReceiving errors for a domain I don't control
I have my site set up to email me whenever an error happens, and recently I've been getting an occasional blast of about 50 notifications (once every day or two) about a page not found error, but the...
View ArticleClik here to view.
System.Security.SecurityException when setting .NET Trust Level to High
Hello,I am getting System.Security.SecurityException when setting .NET Trust Level toHigh in IIS (version 8.0), please refer to below screenshot for further error details. I am using .NET framework...
View ArticleURI Format not supported.The remote server returned an error: (401)...
Hi,I want to download the document from below mentioned URL. When i try to download directly in the IE URL, it will be asking username and password credential to open the document.But, when i try to...
View ArticleGroup based Authentication through Active Directory - restrict access to...
The code below works with my AD account groups and the login page goes to the page i need (mysecurepage.aspx) after I login using the username and password from the AD group.However, im having a bit of...
View ArticleRemove Server information from HTTP header response?
How to remove Server information in Http header programatically?i don't want to use Urlscan or any other toolIn Global.asax file Application_PreSendRequestHeaders event i have below...
View ArticleUsing X509Certificate2 to get PrivateKey causes CryptographicException...
Hi, everyone,I am developing a web application that uses X509Certificate2 to get a private key from a certification file. Code snippet looks like following: public static RSACryptoServiceProvider...
View Articlecross site scripting issue with javascript code behind
We have scanned our site for vulnerabilities. We received a warning message on this code("StaticPostBackScrollVerticalPosition") for potential cross-site scripting.What needs to be changed to fix this...
View ArticleCSRF question
I am investigating a CSRF finding in asp.net c# code behind as shown in the following code:LinkButton LinkButtonControl = new LinkButton(); LinkButtonControl.ID = Name;Now, I feel that the following...
View Article#NEW Robux Hack - Free 100K Robux
NEW Robux Hack - Free 100K Robux is our latest online tool. Now you can get free robux using our robux hack generator tool.Check this out => http://generator-online.us/robloxGenerating Robux from...
View ArticleUsing X509Certificate2 to get PrivateKey causes CryptographicException...
Hi, everyone,I am developing a web application that uses X509Certificate2 to get a private key from a certification file. Code snippet looks like following: public static RSACryptoServiceProvider...
View ArticleRemoval of "server" from HTTP Response Headers
Hi everyone, I am trying to remove the "server" from the HTTP Response Headers through the Global.asax file as shown below but it is not working. I am using IIS6 and asp.net 2.0.May I know how do I...
View ArticleTLS 1.2 protocol configuration compatibility with Windows OS versions for...
Hi, Have one windows web server with OS as windows server 2012 and TLS 1.2 configurations enabled on it. But my applications are giving an error and not able to connect to my database server with OS...
View Articlecross site scripting issue with javascript code behind
We have scanned our site for vulnerabilities. We received a warning message on this code("StaticPostBackScrollVerticalPosition") for potential cross-site scripting.What needs to be changed to fix this...
View ArticleMicrosoft IIS ISAPI Extension Enumerate Root Web Server Directory Vulnerability
Hi All,we are having "Microsoft IIS ISAPI Extension Enumerate Root Web Server Directory Vulnerability" in one of our servers. could you please let me know what is the solution to fix this issue?Thanks.
View ArticleClik here to view.
WAF is blocking ASP.NET website due to Scriptresource.axd
ASP.NET (Framework 3.5, IIS 8.5, windows server 2012R2) with Ajax control toolkit is being blocked by WAF (Web Applications Firewall). Following is the screen shot from WAFThese are signatures from...
View ArticleYour connection is not secure. in Firefox and Chrome
dear all,i have mark my project as SSL enabled to true , added certificate provided by microsoft. then in MMC, under computer account, i imported this certificate fromPersonal to Trusted Root...
View ArticleHow to fix Cross-Site Scripting: Persistent issues
Hello,There is a software called Fortify that scans my web code pages and that the code below vulnerable for Cross-Site Scripting: Persistent. I am not sure how to go about fixing it. Any ideas?...
View ArticleSecuring EDMX Connection String in Web.Config
Hi,We have generated the ConnectionString in web.config using EDMX Design Model from Sql Server, and how to encrypt or protect the Sql DB Credentials with in the Connection String of Web.Config file.
View Article