ASP.NET Programming Tips - Tip #2

by agrace 30. September 2010 22:39

Double your BlogEngine Traffic in 60 Seconds

BlogEngine SEOSome time ago, I blogged about the increasing importance of performance, read page load speed, in the determination of "rank" by Google.

Then I noticed that most of my blog posts included an image and that there was a considerable lag, so I decided the quickest method of fixing this was to simply go into my settings and decrease the number of posts per page from five to three.

In just five months, the number of hits per months has gone from 9,977 for May to 13,542 for September, a 35% increase. In that time period, there were only three blog posts put out. Draw your own conclusions!

Tags: ,

SEO



ASP.NET Programming Tips - Tip #1

by agrace 26. September 2010 09:20

Google Cannot Solve your Coding Problems

Using GoogleStop and think before you do this. Googling for code samples is usually the final step when designing solutions. Start by defining the problem; if you can't define the problem, how can you solve it? Then, and only then, start working on a black-box solution of your own; identify the basic inputs, general logic (phrase it in a single sentence - this is the black box), and outputs of this black box. Even if you're not artistically inclined, always opt to take pencil to paper - it will help.

Finally, with a clearer perception of what it is you need to do, use Google to focus in on relevant code samples. Doing this in reverse order leads us to try and re-imagine the problem to fit somebody else's solution. I imagine 80/90% of programmers, myself included, are guilty of this everyday form of insanity.

kick it on DotNetKicks.com



ASP.NET Security Alert

by admin 19. September 2010 10:02

ASP.NET Security AlertEarlier this week, on the lead up to the ekoparty Security Conference in Argentina, a pair of security researchers announced that they would demonstrate an attack to exploit the way that ASP.NET handles encrypted session cookies.

I first learned of this on Wednesday, when someone posted a question on Stack Overflow. Since then, Microsoft have issued a security alert and Scott Guthrie has put out a blog post giving a full explanation of how this works and how it may affect you. Scott's post includes a link to a script you can run on your servers to identify vulnerable sites. In short, you need to have a <customErrors> section in your Web.Config file and map all errors to a single error page.

As reported here, the attack is 100% reliable; any ASP.NET website can be "owned" in seconds. The longest it takes is less than 50 minutes. Confirm with your bank that this has been remedied before logging into your account (ASP.NET sites)!

Update to Security Advisory 2416728 (09-20-2010)

FAQ about the ASP.NET Security Vulnerability - Scott Guthrie (09-21-2010)

Update on ASP.NET Vulnerability - Scott Guthrie (09-24-2010)

ASP.NET Security Update Shipping Sept 28th - Scott Guthrie (09-27-2010)

Microsoft Security Bulletin MS10-070 (09-28-2010)

ASP.NET Security Fix Now on Windows Updates - Scott Guthrie (09-30-2010)