Pretty Permalinks in WordPress fail on Windows hosting

Symptoms: Pretty Permalinks in WordPress do not work even after setting the correct Permalink Settings (applicable to Windows servers). Pages with post/page names either return a 404 – Not Found error or redirect to the root of the domain. Solution: When you update these settings, WordPress will ask you to…

Configuration Management

Many applications support configuration management interfaces and functionality to allow operators and administrators to change configuration parameters, update Web site content, and perform routine maintenance. Top configuration management threats include: Unauthorized Access to Administration Interfaces: Administration interfaces are often provided through additional Web pages or separate Web…

Cross Site Scripting Vulnerabilities

How to Test for Cross Site Scripting Vulnerabilities? Applies to: ASP.NET 1.1, ASP.NET 2.0. Overview: Even though XSS is simple, understanding it is hard due to a lack of social engineering awareness. XSS attacks need an attacker, a victim, an attacker server, a victim browser, a victim server, and a…

Authentication Mechanism

Authentication: Depending on your requirements, there are several available authentication mechanisms to choose from. If they are not correctly chosen and implemented, the authentication mechanism can expose vulnerabilities that attackers can exploit to gain access to your system. The top threats that exploit authentication vulnerabilities include: ● Network…

Session Management

Web applications are built on the stateless HTTP protocol, so session management is an application-level responsibility. Session security is critical to the overall security of an application. Top session management threats include: Session Hijacking: A session hijacking attack occurs when an attacker uses network monitoring software to capture…

Input Validation

Input validation is a security issue if an attacker discovers that your application makes unfounded assumptions about the type, length, format, or range of input data. The attacker can then supply carefully crafted input that compromises your application. When network and host level entry points are fully secured;…

Threats and Countermeasures

Threats and Countermeasures: S.T.R.I.D.E. STRIDE: Threats faced by the application can be categorized based on the goals and purposes of the attacks. A working knowledge of these categories of threats can help you organize a security strategy so that you have planned responses to threats. STRIDE is the acronym used…

Avoid SQL Injection

SQL Injection attack: What is a SQL injection attack and how do I address it during my application development? SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either incorrectly filtered for string literal escape…

Application Security

This article gives a brief idea about securing applications and serves as a guideline to counter security vulnerabilities commonly observed in applications. Tip 1: How to Avoid SQL Injection attack; Tip 2: Threats and Countermeasures: S.T.R.I.D.E; Tip 3: Input Validation; Tip 4: Session Management; Tip 5: Authentication Mechanism; Tip 6…

PTVS – Python tools for Visual Studio

Python Tools for Visual Studio might be a very good alternative IDE on Windows. http://www.hanselman.com/blog/OneOfMicrosoftsBestKeptSecretsPythonToolsForVisualStudioPTVS.aspx PTVS is a free/OSS plugin that turns Visual Studio into a Python IDE. PTVS supports CPython, IronPython, editing, browsing, Intellisense, mixed Python/C++ debugging, profiling, HPC clusters, multiple REPLs, IPython, Django, and cloud computing with…