Remoting


Do not expose .NET Remoting endpoints on Internet- facing Web servers. To disable Remoting, disable requests for .rem and .soap extensions by mapping requests for these file extensions to the HttpForbiddenHandler . Use the following elements beneath <httpHandlers> :

 <httpHandlers>   <add verb="*" path="*.rem" type="System.Web.HttpForbiddenHandler"/>   <add verb="*" path="*.soap" type="System.Web.HttpForbiddenHandler"/>   . . . </httpHandlers> 
Note  

This does not prevent a Web application on the Web server from connecting to a downstream object by using the Remoting infrastructure. However, it prevents clients from being able to connect to objects on the Web server.




Improving Web Application Security. Threats and Countermeasures
Improving Web Application Security: Threats and Countermeasures
ISBN: 0735618429
EAN: 2147483647
Year: 2003
Pages: 613

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net