I want to know what are few things i should test before going live. Basically i want to secure it from hacking threats. Are there some guidelines that i should follow in Asp.Net MVC for securing my website.
1
-
1Duplicate of stackoverflow.com/questions/1168731/…David Glenn– David Glenn2011-02-03 10:06:33 +00:00Commented Feb 3, 2011 at 10:06
Add a comment
|
1 Answer
You might like to learn how to use a tool like burpsuite, which will automatically check for stuff like sql injection attacks, enumeration attacks, but will probably not check for xss vulnerabilities, and other nasties.
You might also like to buy a book like web hacking exposed or the web application hacker's handbook, which demonstrate the techniques that people use to hack websites.
Whilst your application might be very secure/hard to hack, placing it on an unsecured server (especially on shared hosting) might render all your hard work useless.
In the past, I've used third parties to pen-test web applications: if you do this make sure you get a detailed enough report to fix the problems; the ability to talk to someone about any issues they find; some guarantee about re-testing if any issues are found.
