Solved

How do I secure my website against XSS injection

Posted on 2012-04-03
1
246 Views
Last Modified: 2012-05-01
Hi Experts,
I have an ASP.Net website.  I want to secure against XSS injection and other threats.  How do I accomplish this?  Do I have to do something with the ValidateRequest attribute?

Thanks in advance,
mrotor
0
Comment
Question by:mainrotor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 4

Accepted Solution

by:
xanandu earned 500 total points
ID: 37802359
In reality there are 2 ways to protect against XSS.

Option 1) have the code validated for security best practices. depending on the size of the codebase, this can be a very expensive option. As new vulnerabilities are released, you will have to check the code for the new troublesome code.

Option 2) put in a web application firewall. This is the option I went with. This is even a compensating control for having code verified in the process of becoming PCI compliant. There are a number of WAF appliances out there. I have tried a few, but i chose to use a FortiWeb as I was familiar with the FortiNet architecture at the time. This option is usually cheaper than having code security-validated, and will be much cheaper than having your code security-validated after your next major revision.

Your best bet is contact a security consulting firm and see what they recommend for your particular setup.
0

Featured Post

Business Impact of IT Communications

What are the business impacts of how well businesses communicate during an IT incident? Targeting, speed, and transparency all matter. Find out more in this infographic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Create animated movies for web page 18 165
migrating to phpbb forum from vBulletin 4.2 3 93
website linking 3 22
My tooltip is not displaying correct 11 15
Boost your ability to deliver ambitious and competitive web apps by choosing the right JavaScript framework to best suit your project’s needs.
An enjoyable and seamless user experience can go a long way on an eCommerce site. While a cohesive layout and engaging copy play roles in creating a positive user experience, some sites neglect aspects that seem marginal but in actuality prove very …
The viewer will learn how to count occurrences of each item in an array.
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question