Clik here to view.
Encrypting connectionStrings in Web.Config using the...
One of the most recommended measure during a web application security audit is to encrypt the connectionStrings section from a Web.Config file. If this operation could be quite easy in a single IIS...
View ArticleClik here to view.
Background threads in ASP.net applications (Part 1 – the concept application)
When debugging memory dumps from customers, I have come to see, quite often, a pattern that you should not use in your application if you don't want to run into trouble. This pattern can be resumed in...
View ArticleClik here to view.
Background threads in ASP.net applications (Part 2 – thread implementation)
To continue the saga of developing ASP.net applications that make use of background threads, we will look at how to 'optimize' the application that I have proposed in the first article. The objective...
View ArticleClik here to view.
Background threads in ASP.net applications (Part 3 – threading side effects)
In the final article of the series on the dangers of ASP.net background threading, to illustrate the dangers of such an architecture, I will start by introducing one more modification to the code of...
View ArticleClik here to view.
Security guidelines to detect and prevent DOS attacks targeting IIS/Azure Web...
In a previous blog, we explained how to Install IIS Dynamic IP Restrictions in an Azure Web Role. In the present article, we'll provide guidelines to collect data and analyze it to be able to detect...
View ArticleClik here to view.
Perfmon & IIS / ASP.NET
One regular question posed to our team deals with the performance counters set-up to ensure IIS and ASP.Net application(s) are working properly. However, as every web-application and hence every IIS...
View ArticleClik here to view.
Perfmon : IIS / ASP.NET
Une question qui revient régulièrement dans notre équipe concerne les compteurs de performance à mettre en place pour s'assurer qu'à la fois IIS et les application(s) ASP.NET fonctionnent bien....
View ArticleClik here to view.
PowerShell – Comment éviter le prompt d’UAC pour automatiser l’exécution d’un...
L'un de mes clients a récemment soulevé le fait qu'il ne pouvait pas exécuter un script PowerShell automatiquement car le script nécessitait une élévation de privilège (via un prompt UAC) ce qui...
View ArticleClik here to view.
Azure Black IPs Intro
What is the Azure Black IPs Nuget Package. In a previous post on our blog...
View ArticleClik here to view.
Azure Black IPs – getting started video
This week, together with my colleague Emmanuel, we released a Nuget package called Azure Black IPs that would allow you to track IP addresses that send requests that trigger the ASP.net validation for...
View ArticleClik here to view.
User Controls, Update Panels and JQuery scripts all working together happily.
While working on implementing new functionality on my online favorites manager (www.linqto.me) which I encourage everyone to check out, I came across the following problem: Given a UserControl, I would...
View ArticleClik here to view.
ASP.net segment heap sizes – or how much virtual memory my web-app will need
Many a times, customers come to me saying they have a feeling that their ASP.net application takes up more memory then it did before, especially if they are migrating from the .Net 2.0 Runtime to the...
View ArticleClik here to view.
Application pool gets recycled due to anti-virus?
It's not the first time that I heard of my customers complaining about their anti-virus: after a certain activity (such as a regular scanning for system files), their application pools get restarted...
View ArticleClik here to view.
Debugging your custom FTP authentication provider module
If you are reading this article, I will make the assumption that you already know that in Microsoft FTP server that comes with IIS 7.5 or above, you have three possibilities for authentication:...
View ArticleClik here to view.
Security guidelines to detect and prevent DOS attacks targeting IIS/Azure Web...
In a previous blog, we explained how to Install IIS Dynamic IP Restrictions in an Azure Web Role. In the present article, we’ll provide guidelines to collect data and analyze it to be able to detect...
View ArticlePerfmon & IIS / ASP.NET
One regular question posed to our team deals with the performance counters set-up to ensure IIS and ASP.Net application(s) are working properly. However, as every web-application and hence every IIS...
View ArticlePerfmon : IIS / ASP.NET
Une question qui revient régulièrement dans notre équipe concerne les compteurs de performance à mettre en place pour s’assurer qu’à la fois IIS et les application(s) ASP.NET fonctionnent bien....
View ArticlePowerShell – Comment éviter le prompt d’UAC pour automatiser l’exécution d’un...
L’un de mes clients a récemment soulevé le fait qu’il ne pouvait pas exécuter un script PowerShell automatiquement car le script nécessitait une élévation de privilège (via un prompt UAC) ce qui...
View ArticleClik here to view.
Azure Black IPs Intro
What is the Azure Black IPs Nuget Package. In a previous post on our blog...
View ArticleClik here to view.
Azure Black IPs – getting started video
This week, together with my colleague Emmanuel, we released a Nuget package called Azure Black IPs that would allow you to track IP addresses that send requests that trigger the ASP.net validation for...
View Article