Solved

How do I secure my website against XSS injection

Posted on 2012-04-03
1
243 Views
Last Modified: 2012-05-01
Hi Experts,
I have an ASP.Net website.  I want to secure against XSS injection and other threats.  How do I accomplish this?  Do I have to do something with the ValidateRequest attribute?

Thanks in advance,
mrotor
0
Comment
Question by:mainrotor
1 Comment
 
LVL 4

Accepted Solution

by:
xanandu earned 500 total points
ID: 37802359
In reality there are 2 ways to protect against XSS.

Option 1) have the code validated for security best practices. depending on the size of the codebase, this can be a very expensive option. As new vulnerabilities are released, you will have to check the code for the new troublesome code.

Option 2) put in a web application firewall. This is the option I went with. This is even a compensating control for having code verified in the process of becoming PCI compliant. There are a number of WAF appliances out there. I have tried a few, but i chose to use a FortiWeb as I was familiar with the FortiNet architecture at the time. This option is usually cheaper than having code security-validated, and will be much cheaper than having your code security-validated after your next major revision.

Your best bet is contact a security consulting firm and see what they recommend for your particular setup.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Any business that wants to seriously grow needs to keep the needs and desires of an international audience of their websites in mind. Making a website friendly to international users isn’t prohibitively expensive and can provide an incredible return…
Get to know the ins and outs of building a web-based ERP system for your enterprise. Development timeline, technology, and costs outlined.
This video teaches users how to migrate an existing Wordpress website to a new domain.
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now