Tracing


Tracing should not be enabled on production servers because system-level trace information can greatly help an attacker profile an application and probe for weak spots.

<trace>

Tracing is configured using the <trace> element. Set enabled="false" on production servers as follows:

 <trace enabled="false" localOnly="true" pageOutput="false" requestLimit="10" traceMode="SortByTime"/>

If you do need to trace problems with live applications, it is preferable to simulate the problem in a test environment or, if necessary, to enable tracing and set localOnly="true" to prevent trace details from being returned to remote clients.
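One way to check a deployed configuration file against this guidance is the audit script below. It is an added example, not code from the book; the sample configurations are constructed, the function name audit_trace is hypothetical, and it assumes the attribute defaults enabled="false", localOnly="true" and pageOutput="false" when an attribute is omitted.

```python
import xml.etree.ElementTree as ET

# Constructed sample configuration files (not from the original page).
# The <system.diagnostics>/<trace> element is a different setting and must be ignored.
TEMPLATE = """<configuration>
  <system.diagnostics><trace autoflush="true"/></system.diagnostics>
  <system.web>{trace}</system.web>
</configuration>"""
RISKY = TEMPLATE.format(
    trace='<trace enabled="true" localOnly="false" pageOutput="true"/>')
LOCAL_ONLY = TEMPLATE.format(trace='<trace enabled="true" localOnly="true"/>')
HARDENED = TEMPLATE.format(
    trace='<trace enabled="false" localOnly="true" pageOutput="false" '
          'requestLimit="10" traceMode="SortByTime"/>')


def _flag(elem, name, default):
    """Read a boolean attribute, falling back to the assumed default."""
    return elem.get(name, default).strip().lower() == "true"


def audit_trace(config_xml):
    """Return findings for every <trace> element directly under <system.web>."""
    findings = []
    root = ET.fromstring(config_xml)
    for sysweb in root.iter("system.web"):  # also covers <location> blocks
        for trace in sysweb.findall("trace"):
            if not _flag(trace, "enabled", "false"):
                continue  # tracing is off: nothing to report
            if _flag(trace, "localOnly", "true"):
                findings.append(
                    "WARN: tracing enabled, limited to local requests")
            else:
                findings.append(
                    "FAIL: tracing enabled and returned to remote clients")
            if _flag(trace, "pageOutput", "false"):
                findings.append(
                    "WARN: pageOutput appends trace data to rendered pages")
    return findings


if __name__ == "__main__":
    for name, cfg in [("risky", RISKY), ("local-only", LOCAL_ONLY),
                      ("hardened", HARDENED)]:
        print(name, audit_trace(cfg) or "OK")
```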




Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613
