Introducing key security practices
In this section, we will explore the key security measures to consider when building our ASP.NET web application. The following sections use C# code samples to explain the various security vulnerabilities we may face. The samples were written for ASP.NET Core and .NET 5, but the concepts are the same even if you have an ASP.NET Web Forms application.
The following is a list of the security measures we will learn about in this section:
- Authentication
- Authorization
- Anti-cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- Cookie stealing
- Overposting
- Preventing open redirection attacks
- Blocking brute-force attacks
- File-upload protection
- Preventing Structured Query Language (SQL) injection attacks in ADO.NET and Entity Framework (EF)
- General security recommendations
Authentication
Authentication is the process of validating the identity...