Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I using Windows Authentication with IIS 7, I need the prompt don't show or display.
What is the correct way for the prompt donĀ“t display.
It's somewhat difficult to understand what you are asking.
But I'm taking a stab at it and assume that you have set up a web site using Windows Authentication, and when you browse to it with a web browser you get a login dialog asking for username and password.
Is my assumption correct?
The reason for this could be a list of things.
Unfortunately you are not mentioning anything whether you are using a intranet based web site or an internet facing web site.
If it is the former, then there's hope, if the latter not so much.
Assuming that you are within boundaries of a corporate network, an intranet solution.
First off, make sure you are using a web browser that support Windows Authentication. Microsoft Internet Explorer is a good start. If using IE, make sure that it is set to Enable Windows Authentication in Tools->Internet Options->Advanced.
And that the host name you are accessing is part of the Local Intranet Zone in the Security Tab of IE. That way, you can take advantage of the Automatic logon functionality.
Second, if you are not using Impersonation on the web site, make sure that the account running the application pool has all the necessary permissions to all needed resources. (Like files it may need to access, DB access an so forth.)
If you are using Impersonation, make sure that the account running the browser session has all the necessary permission to all eventual resources your web application may access. (See previous)
If you are using an internet facing web site, then sorry, you are out of luck.
You know, if your question would have been more specific, you would have given a much better answer.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
Apologies if this is in the wrong category. I'm currently developing and application in ASP, due to my inexperience with ASP I'm worried about vulnerabilities that a user can exploit.
My application is being coded from scratch, no templates used or defaults from Visual Studio, completely blank projects. The user is greeted with a login page where depending on there user access in active directory depends on which pages the user can access.
The exploit I'm worried about is if the user will be able to commit a directory traversal and access a page in which they're not allowed to access and change critical information.
I'm afraid my inexperience has caught up with me. Could someone explain to me how I could limit the access to the user or, If I'm over thinking the process, correct me? Constructive criticism is accepted.
Microsoft does try to help protect your application through their defaults, so if you're running in IIS, make sure the user the application pool is running under only has write access to the folders it needs to write into.
This is a very open-ended question and depends on many factors such as version of .net, server OS/IIS version, other handlers installed, etc. But a good start is to review the OWASP Top 10:
https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project#OWASP_Top_10_for_2013
Here's a list of some automated tools you can use for testing your implementation:
https://geekflare.com/online-scan-website-security-vulnerabilities/
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
Is there any way to redirect user to a static page when server is overloaded?
Maybe showing a alert page and inform user to come back later because server is currently overloaded.
I think the first thing you'd need to do is to determine at what point your server becomes 'overloaded' i.e. when does the performance (responsiveness) of the website become unacceptable. For this you'd need to run a tool such as WCAT. From the download page:
Web Capacity Analysis Tool (WCAT) is a lightweight HTTP load
generation tool primarily designed to measure the performance of a web
server within a controlled environment. WCAT can simulate thousands of
concurrent users making requests to a single web site or multiple web
sites. The WCAT engine uses a simple script to define the set of HTTP
requests to be played back to the web server. Extensibility is
provided through plug-in DLLs and a standard, simple API.
Once you have that information, you could either access the performance counters of the web server or perhaps do something as simple as counting the number of active sessions. Should the number of active session be above a configurable threshold (perhaps in your web.config), redirect to your simple static page.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I want to create a Website for that I am using asp.net technology,Since I am Actually Buying a domain and web hosting space for it. Before that I have question regarding some doubts.
I have seen Website http://www.bigrock.in/ . As everyone Knows that Asp.net is platform dependent and I want my Website should open everywhere with same look and feel. And Someone have told me there will be no issue for platform Dependency,You only need to choose Server with windows and deploy Your website there. and after that everybody will be able to open website with same look. Now My question is that if that's the thing is there then why the issue of platform Independent for(java EE,Php) website is there.
Please Clarify my doubts.
Platfrom independence in this case is only a concern for the server, not the client.
A normal asp.net website can be openened in all mainstream browsers, on Mac, Linux or Windows or mobile clients. So it will work everywere.
ASP.net is platform dependent.
This is not true.
An asp.net website can be installed on any web-server provided it has .net framework installed on it. Most modern age windows servers has it. Hence, whoever told you that
choose Server with windows and deploy Your website there. and after
that everybody will be able to open website with same look
Is right.
When somebody accesses your website's page asp.net generates HTML content which is sent to client which is platform independent. Hence all clients will get same look and feel.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I just subscribed for shared hosting plan on ASPHOSTCENTRAL. I changed my Domain settings and pointed to the name servers as they said(10hrs ago). Since then I've been trying to access my website's default page but I can't. It prompts me to enter a User name and a password.
When I asked the help desk, they said it's working on their end and they can see the default web page.
This is an ASP .Net web application (3.5 framework) with Crystal reports (V12) and MS SQL server database.
The support team said when I try to ping ebolamedia.ae(my domain) then I should get 208.43.160.193 but on my end I see 174.37.255.233.
I don't understand what is wrong. Can someone help me... I can't access my FTP too.
I just check it now and see 208.43.160.193, so probably you are the problem, and its probably the dns cache on your computer.
There maybe a dns cache from your web browser or a dns cache from your computer. To clear the dhs cache of your computer open a dos prompt, (start | run | cmd) and run
ipconfig /flushdns
and probably is going to reread the dns and works.
Alternative open your windows/system32/drivers/host file with text pad and check or add manually the correct ip for your web address, just to make it play and you make your work until all dns flush and clear.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
What are the disadvantages (if any) of using a virtual private server instead of a dedicated server to host my web application?
I launching my first web application in a couple of months and I'm trying to wonder what's the best way to host it at an affordable price. It's built in ASP.Net and uses SQL Server Express.
My point is, since it's a subscription based web application, which I don't expect a huge amount of traffic in the first months, will a VPS handle the trafic?
I've been looking around and I can find a VPS with 2Gb of ram for U$ 50, and that's way bellow renting a private server that I'm sure will be underused in the firsts months.
One of the main disadvantages of VPS is you still have shared resources despite them touting, "dedicated processor". While that may be true, you're still sharing a server with other VPS clients.
Nothing wrong with starting out there, especially if the service has a direct upgrade path to dedicated, should your web app warrant it. Let's hope it does! I'd love to have those problems.
My gut feeling is that a VPS will work well for you. But I think your chances to get good guidance in matters like these increase if you ask the question over at WebHostingTalk.
Why not try it yourself? Download Virtual PC (free download), build a virtual machine that's speced like the VPS you're aiming for, install your app and do some load tests!
This will give you the most accurate results, since it's exactly what the VPS vendor is doing.