Disable Tracing and Debugging Before Deploying ASP.NET Applications

Previous page
Table of content
Next page

Disable Tracing and Debugging Before Deploying ASP.NET Applications

Disabling tracing and debugging before deploying ASP.NET applications sounds obvious, but you d be surprised how many people don t do this. It s bad for two reasons: you can potentially give an attacker too much information, and a negative performance impact results from enabling these options.

You can achieve this disabling in three ways. The first involves removing the DEBUG verb from Internet Information Services (IIS). Figure 13-3 shows where to find this option in the IIS administration tool.

Figure 13-3

You can remove the DEBUG verb from each extension you don t want to debug in this case, SOAP files.

You can also disable debugging and tracing within the ASP.NET application itself by adding a Page directive similar to the following one to the appropriate pages:

<%@ Page Language="VB Trace="False Debug="False %>

Finally, you can override debugging and tracing in the application configuration file:

<trace enabled = false /> <compilation debug = false />


Previous page
Table of content
Next page
Writing Secure Code
Writing Secure Code, Second Edition
ISBN: 0735617228
EAN: 2147483647
Year: 2005
Pages: 153
Authors: Michael Howard, David LeBlanc
BUY ON AMAZON
Building Web Applications with UML (2nd Edition)
The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
Mastering Delphi 7
After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
802.11 Wireless Networks: The Definitive Guide, Second Edition
VBScript in a Nutshell, 2nd Edition
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy