I have a website designed in ASP.NET
In my BIN-folder I have several .NET dll-files:
DreamweaverCtrls.dll
FreeTextBox.dll
WebXelMail.dll
Now, for "security" reason my hoster told me it is prohibited to put .dll
files on the webspace.
So, right now they deleted all the dll files and blocked my bin folder.
Result: my site is completely down...
I did some searching on this and I have another hoster that says the
following on its support section:
"You cannot install your own ASP component DLL's. However, a number of ASP
components are available for use on each webserver, such as an upload
component, an e-mail component etc.
Please note that you can use .NET DLL's without restriction (for ASP.NET,
not for ASP), they simply can be uploaded together with your .NET
webapplication."
So my conclusion is that asp dll's are more unsecure than .NET dll's. But
why? And am I right?
Has anyone an explanation for this, so that I can convince my hoster to
allow those .NET dll's and get my site back online ?
Thanks a lot for your replies,
Nic.
5  1955 
It seems like asp dll's are called "unmanaged dll's"
and .NET dll are called "managed dll's"
But what's the difference...?
And why are managed dll more secure...?
"nicholas" <mu********@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl... I have a website designed in ASP.NET
In my BIN-folder I have several .NET dll-files:
DreamweaverCtrls.dll
FreeTextBox.dll
WebXelMail.dll
Now, for "security" reason my hoster told me it is prohibited to put .dll
files on the webspace.
So, right now they deleted all the dll files and blocked my bin folder.
Result: my site is completely down...
I did some searching on this and I have another hoster that says the
following on its support section:
"You cannot install your own ASP component DLL's. However, a number of ASP
components are available for use on each webserver, such as an upload
component, an e-mail component etc.
Please note that you can use .NET DLL's without restriction (for ASP.NET,
not for ASP), they simply can be uploaded together with your .NET
webapplication."
So my conclusion is that asp dll's are more unsecure than .NET dll's. But
why? And am I right?
Has anyone an explanation for this, so that I can convince my hoster to
allow those .NET dll's and get my site back online ?
Thanks a lot for your replies,
Nic.
Nicholas,
ASP DLLs are COM Components, which mean they must be registered using
regsrv32 (which puts them in the registry, and makes the avaiable
system-wide). This alone could be a reason a host wouldn't want to let you
use COM DLLs.
I can't think of a reason why your host won't let you have ASPNET Apps. All
they would have to do is set up a user for your website, limit that users
permission, and run applications under that user. No big deal at all.
Honestly, I'd switch hosts. I'm with Terrasite, and am very happy with their
service. You can go to eBay and get a good package for $50 for the first
year.
-- Alex Papadimoulis
"nicholas" <mu********@hotmail.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl... I have a website designed in ASP.NET
In my BIN-folder I have several .NET dll-files:
DreamweaverCtrls.dll
FreeTextBox.dll
WebXelMail.dll
Now, for "security" reason my hoster told me it is prohibited to put .dll
files on the webspace.
So, right now they deleted all the dll files and blocked my bin folder.
Result: my site is completely down...
I did some searching on this and I have another hoster that says the
following on its support section:
"You cannot install your own ASP component DLL's. However, a number of ASP
components are available for use on each webserver, such as an upload
component, an e-mail component etc.
Please note that you can use .NET DLL's without restriction (for ASP.NET,
not for ASP), they simply can be uploaded together with your .NET
webapplication."
So my conclusion is that asp dll's are more unsecure than .NET dll's. But
why? And am I right?
Has anyone an explanation for this, so that I can convince my hoster to
allow those .NET dll's and get my site back online ?
Thanks a lot for your replies,
Nic.
Hi nicholas,
It's not a security issue. First of all, your hosting service has complete
control over security on their servers. If they have a security issue, it's
their fault, not yours. .Net security is eminently configurable. Chances
are, they don't know enough about .Net to configure it. Good reason to
change hosting services.
ASP component DLLs are COM objects, which must be registered on the server
in which they run. Chances are, the "new" hosting service doesn't want to be
bothered with testing and registering them. As they are not afraid of .Net
DLLs, they would be my first choice as a hosting company.
--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
"nicholas" <mu********@hotmail.com> wrote in message
news:#X**************@TK2MSFTNGP10.phx.gbl... I have a website designed in ASP.NET
In my BIN-folder I have several .NET dll-files:
DreamweaverCtrls.dll
FreeTextBox.dll
WebXelMail.dll
Now, for "security" reason my hoster told me it is prohibited to put .dll
files on the webspace.
So, right now they deleted all the dll files and blocked my bin folder.
Result: my site is completely down...
I did some searching on this and I have another hoster that says the
following on its support section:
"You cannot install your own ASP component DLL's. However, a number of ASP
components are available for use on each webserver, such as an upload
component, an e-mail component etc.
Please note that you can use .NET DLL's without restriction (for ASP.NET,
not for ASP), they simply can be uploaded together with your .NET
webapplication."
So my conclusion is that asp dll's are more unsecure than .NET dll's. But
why? And am I right?
Has anyone an explanation for this, so that I can convince my hoster to
allow those .NET dll's and get my site back online ?
Thanks a lot for your replies,
Nic.
Thanks for the info everyone.
I told the whole story to my hoster. He says that .NET dll's are also
insecure. Although not as much as asp dll's.
The site was hosted on a WIN 2000 server and they are now placing it on a
WIN 2003 server. They say the 2003 server is designed for asp.net. But
they still say it's not 100% secure...
If I understand it right, a hacker could use asp dll's to execute some
things on the server.
What you all are saying is that with the .NET dll's this is not possible.
My hoster says it is still possible.
I don't realy get it.
Anyway, my problem is solved.
Thanks again for all your help !
Nic.
"Kevin Spencer" <uc*@ftc.gov> wrote in message
news:Ol****************@TK2MSFTNGP11.phx.gbl... Hi nicholas,
It's not a security issue. First of all, your hosting service has complete
control over security on their servers. If they have a security issue,
it's their fault, not yours. .Net security is eminently configurable. Chances
are, they don't know enough about .Net to configure it. Good reason to
change hosting services.
ASP component DLLs are COM objects, which must be registered on the server
in which they run. Chances are, the "new" hosting service doesn't want to
be bothered with testing and registering them. As they are not afraid of .Net
DLLs, they would be my first choice as a hosting company.
--
HTH,
Kevin Spencer
.Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
"nicholas" <mu********@hotmail.com> wrote in message
news:#X**************@TK2MSFTNGP10.phx.gbl... I have a website designed in ASP.NET
In my BIN-folder I have several .NET dll-files:
DreamweaverCtrls.dll
FreeTextBox.dll
WebXelMail.dll
Now, for "security" reason my hoster told me it is prohibited to put
..dll files on the webspace.
So, right now they deleted all the dll files and blocked my bin folder.
Result: my site is completely down...
I did some searching on this and I have another hoster that says the
following on its support section:
"You cannot install your own ASP component DLL's. However, a number of
ASP components are available for use on each webserver, such as an upload
component, an e-mail component etc.
Please note that you can use .NET DLL's without restriction (for
ASP.NET, not for ASP), they simply can be uploaded together with your .NET
webapplication."
So my conclusion is that asp dll's are more unsecure than .NET dll's.
But why? And am I right?
Has anyone an explanation for this, so that I can convince my hoster to
allow those .NET dll's and get my site back online ?
Thanks a lot for your replies,
Nic.
If he tells you that .Net DLLs are not secure, ask him to explain why. That
should be good entertainment for you.
--
HTH,
Kevin Spencer
..Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
"nicholas" <mu********@hotmail.com> wrote in message
news:u2**************@TK2MSFTNGP09.phx.gbl... Thanks for the info everyone.
I told the whole story to my hoster. He says that .NET dll's are also
insecure. Although not as much as asp dll's.
The site was hosted on a WIN 2000 server and they are now placing it on a
WIN 2003 server. They say the 2003 server is designed for asp.net. But
they still say it's not 100% secure...
If I understand it right, a hacker could use asp dll's to execute some
things on the server.
What you all are saying is that with the .NET dll's this is not possible.
My hoster says it is still possible.
I don't realy get it.
Anyway, my problem is solved.
Thanks again for all your help !
Nic.
"Kevin Spencer" <uc*@ftc.gov> wrote in message
news:Ol****************@TK2MSFTNGP11.phx.gbl... Hi nicholas,
It's not a security issue. First of all, your hosting service has
complete control over security on their servers. If they have a security issue, it's their fault, not yours. .Net security is eminently configurable. Chances
are, they don't know enough about .Net to configure it. Good reason to
change hosting services.
ASP component DLLs are COM objects, which must be registered on the
server in which they run. Chances are, the "new" hosting service doesn't want
to be bothered with testing and registering them. As they are not afraid of
..Net DLLs, they would be my first choice as a hosting company.
--
HTH,
Kevin Spencer
.Net Developer
Microsoft MVP
Big things are made up
of lots of little things.
"nicholas" <mu********@hotmail.com> wrote in message
news:#X**************@TK2MSFTNGP10.phx.gbl... I have a website designed in ASP.NET
In my BIN-folder I have several .NET dll-files:
DreamweaverCtrls.dll
FreeTextBox.dll
WebXelMail.dll
Now, for "security" reason my hoster told me it is prohibited to put
.dll files on the webspace.
So, right now they deleted all the dll files and blocked my bin
folder. Result: my site is completely down...
I did some searching on this and I have another hoster that says the
following on its support section:
"You cannot install your own ASP component DLL's. However, a number of ASP components are available for use on each webserver, such as an upload
component, an e-mail component etc.
Please note that you can use .NET DLL's without restriction (for ASP.NET, not for ASP), they simply can be uploaded together with your .NET
webapplication."
So my conclusion is that asp dll's are more unsecure than .NET dll's. But why? And am I right?
Has anyone an explanation for this, so that I can convince my hoster
to allow those .NET dll's and get my site back online ?
Thanks a lot for your replies,
Nic.
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: robert |
last post by:
well, talk about timely. i'm tasked to implement a security feature,
and would rather do so in the database than the application code. the
application is generally Oracle, but sometimes DB2. ...
|
by: Mike MacSween |
last post by:
S**t for brains strikes again!
Why did I do that? When I met the clients and at some point they vaguely
asked whether eventually would it be possible to have some people who could
read the data...
|
by: Ashish |
last post by:
Hi Guys
I am getting the following error while implementing authentication using
WS-security.
"Microsoft.Web.Services2.Security.SecurityFault: The security token could
not be authenticated...
|
by: prithvi g via .NET 247 |
last post by:
Hi
I am a newbie to .NET remoting, I am trying to implementauthorization using SSPI example provided by Michael Barnett. Ihave included the required dll(Microsoft.Samples.Security.SSPI.dll...
|
by: Earl Teigrob |
last post by:
Background:
When I create a ASP.NET control (User or custom), it often requires security to be set for certain functionality with the control. For example, a news release user control that is...
|
by: Magdelin |
last post by:
Hi,
My security team thinks allowing communication between the two IIS instances
leads to severe security risks. Basically, we want to put our presentation
tier on the perimeter network and the...
|
by: Jay C. |
last post by:
Jay
3 Jan. 11:38 Optionen anzeigen
Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements
Von: "Jay" <p.brunm...@nusurf.at> - Nachrichten dieses Autors suchen
Datum: 3 Jan...
|
by: Velvet |
last post by:
I ran FxCop on one of the components for my web site and the security rules
what me to add " tags like the ones listed
below:
This breaks my ASP.NET application. So my question is,...
|
by: Jeremy S. |
last post by:
..NET's code Access Security enables administrators to restrict the types of
things that a .NET application can do on a local computer. For example, a
..NET Windows Forms application can be...
|
by: Budhi Saputra Prasetya |
last post by:
Hi,
I managed to create a Windows Form Control and put it on my ASP .NET page. I
have done the suggestion that is provided by modifying the security settings.
From the stack trace, I would...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
| |
