Hello everyone, I've created a a couple small jsp/servlet programs where I could hide the URL to my app. I've moved on the c#.net and I was curious how not displaying the full path to your application in the url is done. ww.myapp.com/heresMyApp/hereItIsInTheRoot.axpx?
. Is there a way to hide this from the address window? Maybe thats not the greatest security measure I'm not very experienced but I'm just looking for ways to keep me from being hacked. thanks for anything -wiley
Hello, I don't know if this can be a major issue hackers look at. But here is a small trick try to make use of it if u want. For example, in th index.aspx pages, once a link is clicked use Server.Transfer("heresMyApp/hereIsInTheRoot.aspx"); this way, the page
will be transfered to the page u want and at the same time, the url won't change, it will stay like this: www.myapp.com/index.aspx does this help in one way or another ? Regards.
Hi yes, that helps. Isn't it important to hide where your applications are in the root? Or am I mis-informed. If that's not important. What are some basic security measures one should take besides not allowing sql commands in text input boxes and changing your
URL. I downloaded a 500 page doc from microsoft but I thought someone could throw some out here. thanks for the reply -Wiley
> I downloaded a 500 page doc from microsoft but I thought someone could throw some out here. If you've downloaded the PDF of
Building Secure ASP.NET Applications: Authentication, Authorization, and Secure Communication, then I'd strongly recommend that you read the first few chapters, and then skim read the rest. Just try to get a feel for .NET security. Or, if that's a bit too
daunting (and I wouldn't blame you), download the
OWASP Guide to Building Secure Web Applications, and read chapter 4. Chapter 4 is only a page and a half, yet provides a very good summary of general security guidelines. To my mind, it's as important to understand what does
not provide security, as it is to understand what does provide security. And Chapter 4 will summarize both illusionary and real security. I hope this helps.
wiley173
Member
125 Points
25 Posts
basic application security - hacked
May 21, 2004 07:00 AM|LINK
haidar_bilal
All-Star
45609 Points
8730 Posts
MVP
Re: basic application security - hacked
May 21, 2004 08:40 AM|LINK
Professional ASP.NET 3.5 Security, Membership, and Role Management with C# and VB
wiley173
Member
125 Points
25 Posts
Re: basic application security - hacked
May 22, 2004 11:21 PM|LINK
SomeNewKid
All-Star
45894 Points
8027 Posts
Re: basic application security - hacked
May 23, 2004 04:10 AM|LINK