Disable Tracing and Debugging Before Deploying ASP.NET Applications

Previous page
Table of content
Next page

Disable Tracing and Debugging Before Deploying ASP.NET Applications

Disabling tracing and debugging before deploying ASP.NET applications sounds obvious, but you'd be surprised how many people don't do this. It's bad for two reasons: you can potentially give an attacker too much information, and a negative performance impact results from enabling these options.

You can achieve this disabling in three ways. The first involves removing the DEBUG verb from Internet Information Services (IIS). Figure 18-6 shows where to find this option in the IIS administration tool.

figure 18-6 you can remove the debug verb from each extension you don't want to debug in this case, soap files.

Figure 18-6. You can remove the DEBUG verb from each extension you don't want to debug in this case, SOAP files.

You can also disable debugging and tracing within the ASP.NET application itself by adding a Page directive similar to the following one to the appropriate pages:

<%@ Page Language="VB" Trace="False" Debug="False" %>

Finally, you can override debugging and tracing in the application configuration file:

<trace enabled = 'false'/> <compilation debug = 'false'/>


Previous page
Table of content
Next page
Writing Secure Code
Writing Secure Code, Second Edition
ISBN: 0735617228
EAN: 2147483647
Year: 2001
Pages: 286
Authors: Michael Howard, David LeBlanc
BUY ON AMAZON
OpenSSH: A Survival Guide for Secure Shell Handling (Version 1.0)
Certified Ethical Hacker Exam Prep
Software Configuration Management
101 Microsoft Visual Basic .NET Applications
The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy