473,385 Members | 1,582 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > asp.net > questions > page security

Join Bytes to post your question to a community of 473,385 software developers and data experts.

Page Security

Z D
Hello,

I'm trying to create an ASP.NET page that ONLY allows access if its
linked-to from another specific server. I know the IP address of this
server.

I was wondering how I'd go about setting this up in a secure way?

I considered using HTTP_REFERER but I found that its easy to spoof this and
its not very reliable.

What other options do I have? I'd like to avoid passing something in the
querystring because it's just too easy for someone to try and hack it. It
seems, however, that the querystring would be my only option. Does anybody
know of a mechanism that I can use to encrypt the querystring in a
time-dependent manner (so that the user cant copy the querystring and use it
the next day / give it to someone else).

Any suggestions?

thanks!
Nov 18 '05 #1
2 839
Do you just want this one page to be restricted or the entire site. If you
want to protect the entire site, I think that you can configure IIS to
restrict access to specific IP addresses.

"Z D" <no****@nospam.com> wrote in message
news:O4**************@tk2msftngp13.phx.gbl...
Hello,

I'm trying to create an ASP.NET page that ONLY allows access if its
linked-to from another specific server. I know the IP address of this
server.

I was wondering how I'd go about setting this up in a secure way?

I considered using HTTP_REFERER but I found that its easy to spoof this and its not very reliable.

What other options do I have? I'd like to avoid passing something in the
querystring because it's just too easy for someone to try and hack it. It
seems, however, that the querystring would be my only option. Does anybody know of a mechanism that I can use to encrypt the querystring in a
time-dependent manner (so that the user cant copy the querystring and use it the next day / give it to someone else).

Any suggestions?

thanks!

Nov 18 '05 #2
I think using IIS to restrict the IP address is only for the CLIENTS
accessing the website (ie the person with the browser).

I'm trying to let any client access the server ONLY if they've been
redirected from a specific site.

"Peter Rilling" <pe***@nospam.rilling.net> wrote in message
news:ua*************@TK2MSFTNGP11.phx.gbl...
Do you just want this one page to be restricted or the entire site. If you want to protect the entire site, I think that you can configure IIS to
restrict access to specific IP addresses.

"Z D" <no****@nospam.com> wrote in message
news:O4**************@tk2msftngp13.phx.gbl...
Hello,

I'm trying to create an ASP.NET page that ONLY allows access if its
linked-to from another specific server. I know the IP address of this
server.

I was wondering how I'd go about setting this up in a secure way?

I considered using HTTP_REFERER but I found that its easy to spoof this and
its not very reliable.

What other options do I have? I'd like to avoid passing something in the
querystring because it's just too easy for someone to try and hack it. It seems, however, that the querystring would be my only option. Does

anybody
know of a mechanism that I can use to encrypt the querystring in a
time-dependent manner (so that the user cant copy the querystring and

use it
the next day / give it to someone else).

Any suggestions?

thanks!


Nov 18 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

6
SP2 blocking the same code on one page but not another
by: bissatch | last post by:
Hi, I have been tryin to run free dhtml code from a web page. The web page is: http://dynamicdrive.com/dynamicindex14/pixelate.htm When I load the page above it opens as normal and the...
Javascript
1
How to call a page in a remote site and get the result within your page with javascript
by: nabilo | last post by:
I want to know if it's possible to call, within my cgi page, using javascript, a remote url and get the result without changing my actual page. To say more, I have a page result appaired to the...
Javascript
0
Printing Problem - II (in aspx page)
by: Niyazi | last post by:
Hi all, This my aspx page first line of code. <%@ Page CodeBehind="index.aspx.vb" Language="vb" AutoEventWireup="false" Inherits="TB.index" %> Than inside head tag I have following script(s)...
.NET Framework
5
Want to Reboot server from ASPX page
by: Terry | last post by:
I am developing a asp.net web based service application for our product I am trying to trigger a reboot of the server based on a user request I believe I have all the appropriate code for...
ASP.NET
15
Page has Expired - using html input control (type=file)
by: Nathan | last post by:
I have an aspx page with a data grid, some textboxes, and an update button. This page also has one html input element with type=file (not inside the data grid and runat=server). The update...
ASP.NET
7
How do I protect my login page from prying eyes (forms authentication)?
by: Alan Silver | last post by:
Hello, Sorry this is a bit wordy, but it's a pretty simple question... I have a web site, http://domain/ which is a public site, part of which (http://domain/a/) is protected by forms...
ASP.NET
6
Can't make this page work
by: scottyman | last post by:
I can't make this script work properly. I've gone as far as I can with it and the rest is out of my ability. I can do some html editing but I'm lost in the Java world. The script at the bottom of...
Javascript
2
random error when using page outputCache
by: Nalaka | last post by:
Hi, I get the following error, I thought at random intervals. Then I realized, that this happens around the time tha page outputCache is set to expire. So I disabled the page output cache and the...
ASP.NET
0
Web page to enumerate groups in active directory
by: bcanter | last post by:
I found a file on the web that will allow you to enumerate groups but it was an .hta and the top level admins won't allow this. I need to give managers access to the groups so that when a new user is...
Visual Basic 4 / 5 / 6
0
Adding vb ocx on asp page
by: cmardhekar | last post by:
Hi I have to add third party ocx on web page. For that we developed windows control librray and add ocx on that. After creating dll i added that dll in Web page by object tag. Weh i try to load...
.NET Framework
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!