Showing posts with label security. Show all posts
Showing posts with label security. Show all posts

December 16, 2013

Enable SSL from IIS 7

SSL or Secure Socket Layer is needed for enhanced security on a website. With SSL, websites are viewed on the browser with https. To enable SSL, a certificate must be purchased from authorities. Free or cheap ones are available as well like from  http://www.startssl.com . However, after purchasing and setting up the certificate, SSL needs to be enabled from the web server - in this case, IIS.

To enable SSL on IIS, open IIS and then click on site under "Sites" and then click on Bindings from the "Edit Site" section.

1


If https does not exist, add https by clicking on Add like below. Also, select the certificate to bind https to.

2

After SSL is added, click on SSL settings within IIS subheading for the website.

3

On the Settings panel, Choose Require SSL.

4

That should be it. You should be done now.

August 26, 2013

I worked on multi-site login solution where basically a user logs in first site - say site1.example.com - and then when the user browses to site2.example.com - the user is already logged in there. The way I initially dealt with it was to create a cookie in site1 that will be accessible in site2. Since, both site1 and site2 are sub-domains of the main domain, so, that sounded like a possible solution as long as we don't restrict the cookie by application or path.

August 21, 2013

Lately I worked on a project that worked great on Visual Studio but upon deployment I kept get the error - "Operation is not valid due to the current state of the object". After doing some more tests, unfortunately, on production, I realised that the error is happening due to large data set that is returned from the database for the logged in user.

image

Reference: Shahed Kazi at AspNetify.com