Showing posts with label security. Show all posts
Showing posts with label security. Show all posts

December 16, 2013

Enable SSL from IIS 7

SSL or Secure Socket Layer is needed for enhanced security on a website. With SSL, websites are viewed on the browser with https. To enable SSL, a certificate must be purchased from authorities. Free or cheap ones are available as well like from . However, after purchasing and setting up the certificate, SSL needs to be enabled from the web server - in this case, IIS.

To enable SSL on IIS, open IIS and then click on site under "Sites" and then click on Bindings from the "Edit Site" section.


If https does not exist, add https by clicking on Add like below. Also, select the certificate to bind https to.


After SSL is added, click on SSL settings within IIS subheading for the website.


On the Settings panel, Choose Require SSL.


That should be it. You should be done now.

August 26, 2013

I worked on multi-site login solution where basically a user logs in first site - say - and then when the user browses to - the user is already logged in there. The way I initially dealt with it was to create a cookie in site1 that will be accessible in site2. Since, both site1 and site2 are sub-domains of the main domain, so, that sounded like a possible solution as long as we don't restrict the cookie by application or path.

August 21, 2013

Lately I worked on a project that worked great on Visual Studio but upon deployment I kept get the error - "Operation is not valid due to the current state of the object". After doing some more tests, unfortunately, on production, I realised that the error is happening due to large data set that is returned from the database for the logged in user.


Reference: Shahed Kazi at