VS 2008 - Securing ASPX Web Server
Sep 25, 2011
I do have before a web server w/c is aspx. its like an online game panel w/c players do shop via web. but suddenly 1 day I was "SQL INJECT" i don't know what they do that the injected me.how do I secure my pages this is what i only use to all my pages to prevent entering characters such as " ',%,!,@,#,$,%,^,&,*,(,),.," all special characters will not be allowed. are there any else in order to secure it.?
Code:
Protected Sub Button1_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles Button1.Click
Label2.Visible = False
Dim userCleared As New System.Text.StringBuilder
Dim QuestionCleared As New System.Text.StringBuilder
Dim AnswerCleared As New System.Text.StringBuilder
[code]....
and how do I secure to the Direct browser thing? when i checked the IIS7 logs. i saw one IP w/c went to the /Webresource.axd iidjjfme9393j 4m9 mdmf9 um45d m89fm8jhvrm9u9mu30306bm0n.
some like encryption i don't what is this.
View 6 Replies
Similar Messages:
Mar 1, 2011
I'm going to launch a page - that will persist for a really long time using - using ASP.Net.
Page will have very little controls - will using jQuery ajax calls to build up and fill in the DOM for maintaining data in the backend DB.
How do I maintain who I am with the web service?
I'm used to pages that mostly use asp.net membership / session vbl stuff to maintain state.
That's not going to fly with why I'm doing here.
And I guess that also starts into "how do I secure this web service"?
View 7 Replies
Jan 11, 2011
I am working on the migration of the server. Our new server is Windows server 2008 with IIS7.0 I have a great difficulty in browsing the pages hosted in virtual directories. I have followed the proper steps of creating a virtual directories and converting them into applications. But when i try to browsing the pages of the virtual directory, i get the 404 error. Note: The .Net Framework 4.0 is installed on the server and the web applications which i am trying to configure in the virtual directories are developed in Visual Studio 3.0. Even the http://localhost also don't work.
View 9 Replies
Nov 14, 2010
We will be developing an ASP.NET application. It will store data in an SQL Server 2008 R2 installation. Most of the data is sensitive, so security is a primary concern.We will be hosting this in a shared environment, and it is a design goal that the data should be unreadable in the case of theft.
I am thinking of the following set up:
Encrypt the whole database using TDE. Users are created in the SQL Server users table, and we authenticate against that when users log in through the web interface.The intention is that if someone gets to the database, they will not be able to use the data. And no connection string with user credentials will need to be stored in the web.config file. Do you see any disadvantages to this approach? And how easy will it be to authenticate against the SQL Server as described?
View 3 Replies
Nov 22, 2010
Is it possible to call (Post to) a Method in a ASPX (Code behind) page via HTTP endpoint in Sql server 2008/2005.
View 1 Replies
Jul 7, 2010
I am running a web-site with simple .aspx files on a standalone workgroup Windows Server 2008 called 'Max'.I had assumed that the .aspx files were accessed by the 'Network Service' account.The application pool for the website is running with 'Network Service' as the process account.I was puzzled, since 'Network Service' had no permission on these files. So I added event level auditing to the files, and I was suprised to learn that the .aspx files were being accessed by an account called Max$ (ie the computer account).this correct ?Why is the Network Service account not being used ??
View 3 Replies
Apr 15, 2010
Would something be missing, not working, or confusing if I do this? First, install SQL Server 2008 Standard, and SP1. Then, install Visual Studio 2010 Professional, unchecking SQL Server 2008 Express option. Or would I need to fix any configurations afterwards?
View 1 Replies
Jun 29, 2010
how can i transfer complete database from sql server 2008 to sql server 2008 without loosing relationship intigrity.
View 9 Replies
Oct 5, 2010
I work in VS 2008. Whenver I add a server control(Label) and set it properties in aspx.vb and build the solution, I get the error "Label1 not declared". While analyzing this issue I noticed that the event handler statements for the Label1 where not added in the designer.asp.vb file. These statement would actually be added automatically when I drag and drop a control to my webpage.
I would also like to inform the scenario after which this problem came to me. I was working in VS 2008 , VS 2005 and VS 2003 in the same machine.Could this have caused the issue ?
Now each and everytime when I add a control, I am adding the "With Events" code in the designer page to make my build succesfull which makes me to spend more efforts.
View 2 Replies
Jan 6, 2010
Is there any tool for Visual Studio 2008 which can reformat ASPX code to make it more presentable (eg insert line breaks, format the lines so they wrap when necessary, etc)?
View 5 Replies
Mar 28, 2010
I have looked at all the posts I can find on this problem and tried everything I can think of, but still the problem persists. I am getting really sick of it.was working fine for the last year until an update to MS Office 2007 caused a lot of problems (automatic update). After checking posts here, I removed it completely. No change. I then tried all the things I could find on other posts, also no change. Today, I removed VS and the Web Authoring Component and re-installed. Still no go.
Does anyone have a fix for this problem. It seems that it has been around a long time, but is still giving problems. I even saw one suggestion to reformat the drive! You've got to be joking!
View 4 Replies
Jun 7, 2010
I'm creating a website and I'm testing resgistering and Log-in.
I followed a simple tutorial to create a Log-in in Visual Studio C# template which generated a SQL Server database.Locally the Log-in and registration page works perfectly. The problem is that when I upload my site to the hosting site the navigation works but the Log-in and Registration forms send an error when clicked "Register" or "Log-in". I contacted the site and they upload my database the way it should be because I was doing it wrong. I can see all my files including the data base.
They commented me that I had to do a connection string to the data base so the login and registration forms can work. I don't understand how to do that, I know the connection string has to be declared in the Web Config File, the thing is that I don't know how to write that code and link it to my data base in the hosting site, in fact I have sample code but I don't know just what do I need to put in it.
View 8 Replies
Oct 11, 2010
I am looking at developing using Visual Studio 2010/2008 and SQL Server 2008 on Windows 7. Should I be able to do this on Windows 7 Professional, or do you need Windows 7 Ultimate?
View 2 Replies
Jun 24, 2010
I have a web service that runs a query (from C#) to get a dataset from sql server. I get the following time out error. Googling on this error says, you can set the timeout on command object. But I am not using command object to set the timeout. This is the code I am using to get the dataset.
code:
[code]....
View 8 Replies
May 19, 2010
is there any difference between sql express and sql client. Actually I have been told to install a sql client using which i will connect to the sql server installed remotely. Also I have sql express edition 2008 installed on my machine. So is it the same. Will I be able to connect to the sql server using the sql server express edition.?
View 2 Replies
Aug 10, 2010
I want to make spider charts like this one: [URL] I want to know can I prepare it using reporting service 2008? I am using sql server 2008 as the database and working with Visual studio 2008.
View 4 Replies
Mar 18, 2010
we can not add .mdf file to the project in vs2008 and sql server2008 when i am adding .mdf file its displaying an error message so it is not possible to add
View 2 Replies
Apr 29, 2010
When i tried to attach 2008 database in sql server 2008 it is throwing the error-
"The database 'actitle' cannot be opened because it is version 655. This server supports version 611 and earlier. A downgrade path is not supported.Could not open new database 'actitle'. CREATE DATABASE is aborted. (Microsoft SQL Server, Error: 948)"
When i execute 'select @@version' it gives 'Microsoft SQL Server 2005 - 9.00.1399.06 (Intel X86) Oct 14 2005 00:33:37 Copyright (c) 1988-2005 Microsoft Corporation Workgroup Edition on Windows NT 5.1 (Build 2600: Service Pack 3) 'How the version still be 2005 when im in 2008 ..How can i attach my 2008 database back up.
View 2 Replies
Sep 13, 2010
I have a aspx page with Charts and DataGrips and I want to print all my page in a pdf just like it look in my page.
View 9 Replies
Oct 4, 2011
I'm not conversant with JavaScript, however I need to refresh the page in few seconds so I want to use this code-
<script type="text/JavaScript">
<!--
function timedRefresh(timeoutPeriod) {
setTimeout("location.reload(true);", timeoutPeriod);
}
// -->
</script>
<body onload="JavaScript:timedRefresh(10000);">
<p>
This page will refresh every 10 seconds. This is because we're using the 'onload' event to call our function. We are passing in the value '5000', which equals 5 seconds.
</p>
</body>
Now my aspx page is using Content and referencing masterpage, Page Language="VB"
When I try to add this code to a new page it works fine and page refreshes as desired, but on existing page it gives error-ErrorValidation (XHTML 1.0 Transitional): Element 'body' cannot be nested within element 'td' ....
View 7 Replies
Feb 2, 2010
In ASP.NET MVC 2, to secure controller action, i have created a class RequirePermission inherited from ActionFilterAttribute class. The controller action looks like
[Code]....
Now instead of making different attributes , I want to use RequirePermission attribute like
[RequirePermission(permissions=Permissions.CanView+","+Permissions.CanEdit)] so that i can use it for different scenerious. but the compiler throw the following error. An attribute argument must be a constant expression, typeof expression or array creation expression of an attribute parameter type
View 1 Replies
Mar 25, 2010
I have a asp.net website and I am accessing that web service from my iPhone app to get data.
The WCF web service produces data as JSON.I want to put some kind of authentication on the WCF. What you you guys recommend?
View 2 Replies
Nov 23, 2010
This is the current architechture and this is the question I have: Current architechture: We have an intranet application. No one accesses from outside the firewall. It's pretty simple architechture. We have a webservice and WebUI. The Web UI calls the webmethods of the webservice. So far so good. It works fine. Both webservice and WebUI runs under the context of the same service account (non human user account) that we created. The security is a role based security. If a user is a specific AD group, he can access with web UI. On the webui and webservice we have "Integrated windows authentication".
Code:
<authorization>
<allow roles="MycompanyApr-DataWriters"/>
</authorization>
So all the users and the service account that runs this webservice are in this AD group Apr-DataWriters. When a user launches this webUI, I want to find out either his box number of IP address of this box and datetime stamp. How can i get that information.
View 5 Replies
Sep 21, 2010
I want to make ASPX page with textboxes and dropdown to insert the data into the database and Gridview to display all the data. I wnat some good designs, how can I make the page more attractive with just textboxes,dropdown ,buttons and gridview.
Do somebody have good aspx page, paste just the design here.
View 5 Replies
Jun 6, 2012
I have a web site with some aspx pages. There are occasions when a button on a page is clicked and instead of executing the code written on button click, the page simply reloads and losses values that was entered in various controls on the page.
This does not happen everytime, but randomly. This erratic behaviour is not restricted to any one page , but happens throughout the site. What could be the reason ?
View 2 Replies
