ASP.NET Securing
ASP.NET дээр веб хийдэг улсууд доорхи нэр дурдсан зүйлүүдийг веб хийхдээ анхаарвал зохилтой гэсэн байх юм.
1) User authentication/authorization. Role based access
3) CAPTCHA implementation. On anonymous data entry forms, to avoid junk data
4) URL querystring manipulation. Apply proper checks to avoid QS manipulation
5) Secure resource name (directory/file name for admin). Admin folder should not be named
as admin as hackers always go for that folder first
6) Denial of service attack . This should be implemented
7) SQL Injection
8) JavaScript/HTML Injection
9) Cross site scripting
10) SSL pages
11) Session Check
12) I.P. Logging
13) Tracking/Showing IP on admin login
14) Google hack
15) Exception logging
19) Avoiding double submission of data (use ACT & LOCK policy)
7:14 PM
|
Labels:
.NET
|
This entry was posted on 7:14 PM
and is filed under
.NET
.
You can follow any responses to this entry through
the RSS 2.0 feed.
You can leave a response,
or trackback from your own site.
1 comments:
Өөр нэмж хэлэхээр юм байна уу? хүмүүсээ.
Post a Comment