HTML, JavaScript, Web

JavaScript HTML Redirect To Another URL

There may be cases where you don’t have access to the page’s meta information or the web.config to put redirects in place. You can also do this with JavaScript!

Here’s the snippet (place this in between script tags in the body or applicable section in the body that allows HTML):

<script type="text/javascript">
    window.location.replace("http://www.yourexamplesite.com/some-other-page.html");
</script>

Hope that helps.

.Net, IIS, Programming, Web, XML

Using Encryption and Decryption on a .Net Web.Config ConnectionString

If you have .Net web applications that are connecting to data sources that you do not want other users to know about, then chances are it is about time to start encrypting the connection strings. Why is this important? If you have an external website that fails (and you do not have any custom error pages) then you may expose connection information in the stack trace or error messages. Also, you do not want to allow other developers that stumble upon your connection string to see your connection information in clear text. Over time, and many applications later, I went from trying to remember paths and commands to creating batch files that perform this on a minimal web.config.

I am going to walk through how to create some encrypt/decrypt batch files and how these are used in conjunction with your web.config.

  • Ensure you have a .Net Framework installed to use the aspnet_regiis.exe program. For this example we are using .Net Framework 4.0.
  • Create a folder for all of your files to sit inside of. For this demo let’s call the folder “decrypter”. Make note of where you are storing this folder to use in your batch files in the next steps. For this example let’s assume “C:\decrypter”
  • Open notepad and create a file named Decrypt.bat and add the following information (take note of the path you’ll need to update based on where you are going to store your folder):
echo Decrypting connection strings
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -pdf "connectionStrings" "C:\decrypter"
Pause
  • Open notepad again and create a file named Encrypt.bat and add the following information (take note of the path you’ll need to update based on where you are going to store your folder):
echo Encrypting connection strings
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe -pef "connectionStrings" "C:\decrypter"
Pause
  • Open notepad again and create a web.config file and insert your connectionstrings section inside (make sure to place this file in the same location as the batch files, you’ll use this over and over):
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<connectionStrings>
 <add name="Demo" connectionString="Data Source=123.45.67.89;Initial Catalog=DemoCatalog;Persist Security Info=True;User ID=specialuser;Password=specialpassword" providerName="System.Data.SqlClient" />
 </connectionStrings>
</configuration>
  • Once you have that saved, run your Encrypt.bat as administrator. You should see the following:

[Screenshot: en-example]

  • Your connection strings are now encrypted. Review your web.config and see:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
 <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
 xmlns="http://www.w3.org/2001/04/xmlenc#">
 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
 <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
 <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
 <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
 <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
 <KeyName>Rsa Key</KeyName>
 </KeyInfo>
 <CipherData>
 <CipherValue>You'll Have A Cipher Here.</CipherValue>
 </CipherData>
 </EncryptedKey>
 </KeyInfo>
 <CipherData>
 <CipherValue>You'll Have A Cipher Here.</CipherValue>
 </CipherData>
 </EncryptedData>
</connectionStrings>
</configuration>
  • You can now take the connectionStrings section and replace your cleartext version for your application.
  • Should you ever need to update your connectionStrings simply place the encrypted version back on your minimal web.config and run the Decrypt.bat (as administrator). This is what you should see:

[Screenshot: de-example]

  • You should then see your original clear text connection string. Hope this helps.
  • Things of note:
    • You can also do this with other sections of the web.config (just rename connectionStrings to whatever section you need to encrypt)
    • If you have comments inside of your connectionString the encryption and decryption will remove them.
    • Another reference: https://msdn.microsoft.com/en-us/library/zhhddkxy.aspx
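
A check that can run before deployment to confirm the section really is encrypted, as an added example that is not part of the original post: it classifies a section as missing, encrypted or cleartext and names the cleartext entries that embed a password. The function name `audit_section`, the host `db.example.test` and the cipher value are constructed for illustration; the `section` argument covers the other web.config sections mentioned under “Things of note”.

```python
"""Added example: classify a web.config section as encrypted or cleartext."""
import xml.etree.ElementTree as ET

XMLENC = "{http://www.w3.org/2001/04/xmlenc#}"   # namespace of <EncryptedData>
SECRET_KEYS = {"password", "pwd"}                # SqlClient keywords that carry a secret

def audit_section(config_xml, section="connectionStrings"):
    """Return (state, exposed_names); state is 'missing', 'encrypted' or 'cleartext'."""
    node = ET.fromstring(config_xml).find(section)
    if node is None:
        return ("missing", [])
    # The data cipher is the CipherData that is a direct child of EncryptedData.
    cipher = node.find(f"{XMLENC}EncryptedData/{XMLENC}CipherData/{XMLENC}CipherValue")
    if (node.get("configProtectionProvider") and cipher is not None
            and (cipher.text or "").strip()):
        return ("encrypted", [])
    # Cleartext: list the entries whose connection string embeds a password.
    exposed = []
    for add in node.iter("add"):
        pairs = (p.split("=", 1) for p in add.get("connectionString", "").split(";") if "=" in p)
        if any(k.strip().lower() in SECRET_KEYS and v.strip() for k, v in pairs):
            exposed.append(add.get("name"))
    return ("cleartext", exposed)

# Constructed samples modelled on the two web.config files shown above.
CLEARTEXT = b"""<?xml version="1.0" encoding="utf-8"?>
<configuration>
 <connectionStrings>
  <add name="Demo" connectionString="Data Source=db.example.test;Initial Catalog=DemoCatalog;User ID=specialuser;Password=specialpassword" providerName="System.Data.SqlClient" />
  <add name="Trusted" connectionString="Data Source=db.example.test;Integrated Security=SSPI" />
 </connectionStrings>
</configuration>"""

ENCRYPTED = b"""<?xml version="1.0" encoding="utf-8"?>
<configuration>
 <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
  <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns="http://www.w3.org/2001/04/xmlenc#">
   <CipherData><CipherValue>Q09OU1RSVUNURUQ=</CipherValue></CipherData>
  </EncryptedData>
 </connectionStrings>
</configuration>"""

if __name__ == "__main__":
    for label, doc in (("cleartext", CLEARTEXT), ("encrypted", ENCRYPTED)):
        print(label, audit_section(doc))
```
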
Apache, PHP, Troubleshooting, Web

Stuck On “Cannot Load php7apache2_4.dll into server: The specified module could not be found”? Try this…

I recently performed a PHP upgrade from 5.6.15 to 7.0.1. After doing everything I had suspected I needed to do, I received this error in my logs when trying to start Apache:

httpd.exe: Syntax error on line 569 of C:/Program Files (x86)/Apache Software Foundation/Apache24/conf/httpd.conf: Cannot load C:/Program Files (x86)/PHP.7.0.1/php7apache2_4.dll into server: The specified module could not be found.

Here is what I had in that block, bolding the item in question:

LoadModule php7_module "C:/Program Files (x86)/PHP.7.0.1/php7apache2_4.dll"
AddHandler application/x-httpd-php .php
PHPIniDir "C:/Program Files (x86)/PHP.7.0.1/"

Huh??? I checked and double checked and that file was there. After about 2 hours of scratching my head I then found a forum post that clicked for me. You may not be recognizing the .dll file because it has a dependency on the Visual C++ Redistributable for Visual Studio 2015. Once I downloaded and installed the exe files (located here) then after another restart I started seeing my pages again. Hope it helps.

Active Directory, ADFS, Certificates, Troubleshooting, WAP, Web

Getting Event ID 144 On Your Web Application Proxy When Trying To Connect To ADFS?

Perhaps as you were setting up your brand new shiny 2012 R2 Web Application Proxy (WAP) to connect to your 2012 R2 Active Directory Federation Services (ADFS 3.0) server you ran into a 404 error in the web browser followed by this error message in the event viewer logs when trying to do your idpinitiated sign on test from the internet using the WAP DNS URL:

Event ID 144

The Federation Service Proxy blocked an illegitimate request made by a client, as there was no matching endpoint registered at the proxy.

Huh?!?!? Okay, so here is one of the reasons why it is generated: the root part of the DNS name you use at the proxy must match the DNS name you have on your internal ADFS server.

For example, if you configured your internal federation service name to be different (adfs.internaldomain.com) than the web application proxy name (adfs.yourexternalweb.com) then when the proxy tries to interpret the request it sees the mismatching DNS as an illegitimate request, thus blocking it. And while the WAP will publish various web applications that have different DNS this does not cover the initial configuration of the WAP when it is initially pointed to the internal ADFS server.

So what’s the solution?

Get a DNS entry on your internal domain to point to your internal ADFS server using what you used for the web application proxy. These names MUST match for the WAP to work. If you cannot get a DNS entry on your internal domain to match the DNS on the external domain then my recommendation would be to use your etc/hosts file to point your proxy to your ADFS server.

Once you have the DNS entry or etc/hosts entry in place for your WAP and ADFS server then do the following:

1. Put the adfs.yourexternalweb.com public cert (with private key) on the ADFS server to be used for communications.
2. (Assuming ADFS has already been configured) Remove the adfs role from the ADFS server and do not save the databases and reboot.
4. Install the ADFS role with the new matching Federation Service name (adfs.yourexternalweb.com). Make sure to point to the newly installed certificate. Do not utilize old database information. Create a new WID database.
5. Remove the WAP role from the WAP server.
6. Reboot.
7. Reinstall WAP role and Configure. Once post deployment has completed successfully do NOT create an app for ADFS as it is automatically publishing ADFS as a proxy under the covers.

Hope this helps. Questions are welcome.

C#, HTML, JavaScript, JSON, Programming, Web

Use No Captcha reCaptcha In ASP.Net Web Application Form Page With C#, JSON and JavaScript

Users are getting more and more tired of interpreting images with random numbers or letters that take 2-3 tries to get. Google has a new release of the reCaptcha to include a “No Captcha” feature. You can read about that more here. Here are the steps that I took to include this newer version into an ASP.Net web application.

  • Obtain a google account and sign up for reCaptcha 
  • Create a Visual Studio C# based web forms application and create a page where you will have your reCaptcha to live
  • Download Json via NuGet (instructions are here)
  • Once you have reCaptcha information be sure to insert the following in the head section of your web page:
 
<script src="https://www.google.com/recaptcha/api.js" type="text/javascript"></script> 
  • Then place in your web page where you want the reCaptcha to live. Remember to replace “yoursitekey” with the Google reCaptcha site key:
<div class="g-recaptcha" data-sitekey="yoursitekey"></div>

 

  • Create a class in your web application called ReCaptchaClass (credit for class and credit for proxy) and put the following code into the class. Remember to replace “yoursecretkeygoeshere” with the Google reCaptcha secret key:
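using System;
using System.Collections.Generic;
using System.Net;
using Newtonsoft.Json;

    public class ReCaptchaClass
    {
        // Sends the token posted by the reCaptcha widget to Google's siteverify
        // endpoint and returns the "success" field of the JSON reply.
        public static string Validate(string EncodedResponse)
        {
            var client = new System.Net.WebClient();
            // Reuse the system proxy with the current user's credentials.
            IWebProxy defaultWebProxy = WebRequest.DefaultWebProxy;
            defaultWebProxy.Credentials = CredentialCache.DefaultCredentials;
            client.Proxy = defaultWebProxy;
            string PrivateKey = "yoursecretkeygoeshere";
            // The token comes from the client, so escape it before it goes into the query string.
            string token = Uri.EscapeDataString(EncodedResponse ?? string.Empty);
            var GoogleReply = client.DownloadString(string.Format("https://www.google.com/recaptcha/api/siteverify?secret={0}&response={1}", PrivateKey, token));
            var captchaResponse = Newtonsoft.Json.JsonConvert.DeserializeObject<ReCaptchaClass>(GoogleReply);
            return captchaResponse.Success;
        }

        // "success" in the JSON reply; deserialized as the string "True" or "False".
        [JsonProperty("success")]
        public string Success
        {
            get { return m_Success; }
            set { m_Success = value; }
        }
        private string m_Success;

        // "error-codes" in the JSON reply; present when verification fails.
        [JsonProperty("error-codes")]
        public List<string> ErrorCodes
        {
            get { return m_ErrorCodes; }
            set { m_ErrorCodes = value; }
        }
        private List<string> m_ErrorCodes;
    }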
  • Once the class is created place the following snippet in the code behind of your page (likely in a button click event of some kind):
string EncodedResponse = Request.Form["g-Recaptcha-Response"];
bool IsCaptchaValid = (ReCaptchaClass.Validate(EncodedResponse) == "True" ? true : false);

if (IsCaptchaValid) {
    //Valid Request
}

That’s it! Easy enough, right? I hope it helps. Questions are always welcome.