I recently had some concerns about the sensitive data protection in a project. Data such as the API key and API secret of an exchange which is totally sensitive and should be kept in the highest possi...
Saturday, 24 July 2021
After moving my website to dotnet core, in order to make the admin panel more secure, I decided to filter the admin panel and restrict it to my static IPs. There are lots of ways to do that, I persona...
Sunday, 21 February 2021
A Web Application Firewall (WAF) is a security tool designed to protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It sits between the web ap...
Saturday, 03 October 2020
In some versions of ASP.NET applications, directory browsing is enabled, which lets users see all of the content and structure of your application, like the picture below:
To the best of...
Saturday, 13 October 2018
An Open Redirect is a security vulnerability that allows an attacker to redirect a user from a legitimate website to a malicious website of their choice. This is typically accomplished by exploiting a...
Saturday, 02 December 2017
Recently I faced an issue about the protection of the files which were in a separate Web Application as a CDN. The files would be protected not only from external requests but also the internal unaut...
Tuesday, 10 March 2015
Recently I came up with a solution for filtering the API requests by filtering the server IP. This is used when you want to make the received requests private and secure. It's a simple helper and ...
Monday, 02 March 2015
In the simplest definition, any web application that redirects to a URL taken from a request (query string) can be tampered with by hackers to point to an external, malicious URL. This operation is called an open redirection att...
Monday, 07 July 2014