.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
 
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
david stephan

Home >> Articles >> Security >> Post New Resource Bookmark and Share   

 Subscribe to Articles

URL Rewriting in ASP.NET

Posted By:Ashutosh Jha       Posted Date: August 31, 2014    Points: 200    Category: Security    URL: http://www.dotnetspark.com  

Here i am going to explain how we can rewrite the urls of a web pages and how to put alias name of urls
 

Here i am going to explain how we can rewrite the urls of a web pages and how to put alias name of urls. This will increase the security of the website. Using alias name in the url, one can't easily understand in which language the site has been developed.

Suppose my site url is http:abc.com and i am trying to open contact us page so its url will be-

http://locatorhome.com/contactus.aspx (For the site developed in ASP.NET).
but if we can set somehow, contactus.aspx to contact us, then very easily no one can understand also it looks cool also and the url will be-

http://abc.com/contact-us

<rule name="registration" stopProcessing="true">
<match url="^registration$" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
<add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
</conditions>
<action type="Rewrite" url="registration.aspx" />
</rule>

And URL rewriting is also one of the major point in the website security. The url should start with www. For this in .NET we have to set this in web.config file. By default whenever you will put any url, it will get opened. But our aim is, when ever any user put that url like abc.com, it should get automatically converted into -

www.abc.com

for this we need to code the web.config, configuration file of the project. You can do this like below-

<rewrite>
<rules>
<rule name="301 redirect from non-www to www for abc" enabled="true" stopProcessing="true">
<match url="(.*)"/>
<conditions logicalGrouping="MatchAll" trackAllCaptures="false">
<add input="{HTTP_HOST}" pattern="^www\.abc\.com$" negate="true"/>
</conditions>
<action type="Redirect" url="www.abc.com/{R:1}"/>
</rule>
</rewrite>

Conclusion: With these two measures, we can make our site more secure.
 Subscribe to Articles

     

Further Readings:

Responses

No response found. Be the first to respond this post

Post Comment

You must Sign In To post reply
Find More Articles on C#, ASP.Net, Vb.Net, SQL Server and more Here

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend