Web Security
3 posts tagged with this.
-
Mitigating Recent ASP.NET Core Request Handling Risks
A recent Microsoft advisory addresses flaws in how ASP.NET Core processes certain HTTP requests under load-balanced or reverse-proxy setups. Production sites must apply configuration changes and runtime updates to prevent potential smuggling or injection vectors.
-
Mitigating CVE-2023-44487: HTTP/2 Rapid Reset in .NET Apps
CVE-2023-44487 exposes HTTP/2 servers to a high-amplification denial of service attack known as Rapid Reset. Learn exactly how it impacts ASP.NET Core applications on Kestrel and IIS, plus the updates, Kestrel configuration, and monitoring practices needed to keep your production sites online.
-
What Is the Geo Filtering Module? Usage and Performance Effects
ASPnix's Geo Filtering IIS module blocks traffic from specified countries via IP geolocation lookups, returning an HTTP 403 Forbidden page to restricted visitors while allowing others normal access. It adds at most 50ms to response times with no impact at 1000 requests per second. This guide details