Skip to main content

10 Points to Secure Your ASP.NET Core MVC Applications

In this article, we learn how to secure ASP.NET Core MVC Applications against top 10 attacks given by OWSAP (Open Web Application Security Project) in step by step way.

  1. Broken authentication and session management
  2. Sensitive Data Exposure & Audit trail
  3. Cross-Site Scripting (XSS) attacks
  4. Malicious File Upload
  5. Security Misconfiguration (Error Handling Must Setup Custom Error Page)
  6. Version Discloser
  7. Cross-Site Request Forgery (CSRF)
  8. XML External Entities (XXE)
  9. Insecure Deserialization
  10. SQL Injection Attack
We are new to the .NET Core Framework and we are using it for developing production applications, but when we develop a production application we must also think of security. So, in this article, we will run through 10 points which will help us to make our ASP.NET Core MVC code secure.





Comments

Post a Comment

Popular posts from this blog

Securing ASP.NET CORE Web API using Custom API Key based Authentication

In this article, we are going to learn how to create a secure Web API in ASP.NET Core MVC. Link to Complete Article with source code:-   https://www.codeproject.com/Articles/1228892/Securing-ASP-NET-CORE-Web-API-using-Custom-API-Key In the fast-growing era of Web technology, everything is changing too fast. With ASP.NET there was a time when we used to use web service (the .asmx ones), which was SOAP-based, which we can just use for consuming data from other applications, which did have that much of security in it. Most developers would take Username and Password Parameter as input and then they would allow to access web service. As time passes, Microsoft came up with WCF which was secured but too complex to use. Further, Microsoft came up with something new called as Web API which we can use by creating ASP.NET MVC application or directly ASP.NET Web API application which was lighter and easy to use. But moving further, Microsoft introduces ASP.NET Core wh...
Post a Comment
Read more

Spire.Office for .NET

Introduction Free Spire.Doc for .NET is a Community Edition of the Spire.Doc for .NET, which is a totally free word component for commercial and personal use. As a free C#/VB.NET component, it also offers a lot of powerful functions. Developers can use it to generate, read, write, save, print and convert documents on any .NET applications. The featured function, conversion allows converting Word documents (Word 97-2003, Word 2007, Word 2010, word 2013) to commonly used file format, such as XML, RTF, TXT, PDF, XPS, EPUB, HTML and Image etc. Visit Site for Details :-  Click Here to Visit Official Site     Click here to Download Tools :- Download Here In this article we are going to learn how to generate DOC file Use Powerful tool Spire.Office for .NET Tool Required We are using Visual Studio 2012. Free Spire.Office Component [Free for commercial and personal use] Support .Net from [ 2.0 to 4.5 ] Getting Started Let’s start with cre...
Post a Comment
Read more

Capturing Image From Web Cam in ASP.Net MVC

This article shows how to capture an image using a webcam in MVC4 and in this application we will use a jQuery webcam.js plug-in for capturing images. I have seen that most online applications currently require webcam image capturing functionality in some way or another. Most social networking sites use this kind of functionality in their application for capturing user profile pictures. To see Complete Article Visit: -  http://www.c-sharpcorner.com/UploadFile/4d9083/capturing-image-from-web-cam-in-Asp-Net-mvc139/ Agenda Create basic MVC application. Download and Adding webcam.js related reference files to project. Adding Controller ( PhotoController ). Adding Index view. Adding Action Method Capture( ). Adding Script for capturing Image. Adding Action Method and Script for binding image. Adding [HttpPost] Index Action Method. Displaying the index View in New Window. Changephoto.cshtml Code Snippet. PhotoController Code Snippet. Index.cshtml Code ...
Post a Comment
Read more