ThatSoftware<Dude>

Musings of a .NET Developer, CTO and Tech Enthusiast

#Security
keeping your websites more secure in 2018

This year we didn't hear too much in the news about security breaches or stolen data, although undoubtedly those incidents continued to happen and will continue to happen for various reasons. Learning how potential intruders will try to break into your system to steal data, or just for fun, is a part of life for most software engineers, although at a much smaller scale than the big tech companies. So today I'll be going over a few ways in which to keep your websites more secure in the new year.

. . .
Read more
how to set up an ssl certificate with godaddy

While in the past it seemed like you could do just fine without the hassle of setting up an SSL certificate, it seems that as of late that might come at a cost to your search ranking. Search engines began taking security status into account a few years ago, and if things continue on that trend, which they most likely will, then you're best bet is to get yourself an SSL certificate.

. . .
Read more
implementing google's invisible recaptcha in .net

If keeping bots away is your thing, then using Google's reCAPTCHA is a must. And while it can be tedious to click on 20 images of cars in order to verify that I'm human, it will keep your database clean from spam. Thanks to the new Invisible reCAPTCHA users won't know that there is a security measure in place until after they perform some action on your website. Which is good from a UX standpoint as seeing a reCAPTCHA field might deter some users from signing up. Sounds weird, but it's true.

. . .
Read more
battle of the bots

And not at all in a cool way unfortunately. But in a more "that's kind of annoying..." way. For the most part, bots roam the interwebs hourly, daily, yearly without anyone noticing and they will continue to do so until the end of machine time without anyone's consent and knowledge. Think of SkyNet, but without any really useful powers. Some are good and some are bad. Some are smart, and some just eat until they fill up their logs. Much like the human does.

But they're a problem, and depending on how you see things, it could be kind of a big problem. As an example, just recently I began looking at several of my websites internal logs. And was somewhat curious as to what I saw. T . . .

Read more
why tracking website visitors is important

If you've just finished watching Snowden, then please don't spoil it for me. Although I think I know how it ends. Security is a hot topic right now, with daily hacks and email leaks and "private email servers", which I'm sure no one that's said those words in the past month has any clue about. But it's mysterious, because it's private, and a server. So today I thought I'd go over an overlooked, but important, element in this online privacy and security world.

. . .
Read more
increase security with two factor authentication and u2f

Security is getting more difficult to attain nowadays on the old interwebs, and for good reason. It's not about hackers getting more clever, like we see in Mr. Robot, but more about companies getting a bit lazier. It's about not having the correct standards in place, and mainly the fact that humans work at the companies where your password is stored. If we want total security, we'd need companies like LinkedIn to be solely run by autonomous beings, which is a post for another time. But, things are looking up, and there are newer security measures being developed that can a . . .

Read more
taking a look at security in shared hosting

I've always been a proponent of having just the most secure site that you can possibly make. And as such, I always take precautions to make sure of that and also, because I am just one man, things are going to happen. I track as many anomalies as I can, I ensure that all passwords are hashed, and if need be I block traffic coming from suspicious nodes, things that I think everyone should be doing to better secure their sites. But just recently, none of that mattered. No amount of secure code or configuration can fully protect your digital environment on a shared hosting server. Let me correct that phrase, on a Windows Shared Hosting environment.

. . .
Read more
a closer look at how and why websites track you

It is no surprise that websites nowadays track your every move. Google, Amazon, Facebook, Apple, etc etc. The list goes on and on and for the most part people hate it, which is normal. People want to sign up for a website and have no data stored anywhere. Which unfortunately isn't possible in our day and age. Ten years ago it was more possible I think. The web was a static place and you grabbed your content and then made your way out. And then people discovered user authentication and voila, our digital life began to form. But in order for that to work, your name and email need to be stored somewhere. Your birthday needs to captured, sometimes to prove that you're 13+ years old. And some . . .

Read more
2
implementing google's no captcha recaptcha in asp.net

Captchas and reCaptchas are great inventions. They help keep spam out and help to verify that humans are on the interwebs and not mischievous bots buying up all of our concert tickets. Captchas were annoying for the most part and they always took 3-4 attempts to get right. reCaptchas were less annoying, and at the same time they also did an amazing thing. They helped to digitize text in books that was illegible for machines. But in the end they still kind of sucked a bit. There was always that 'a' that might of been a '9' or the 'i' that could of been a '1', 'l', '|' etc.

. . .
Read more
how to encrypt passwords using sha-256 in .net

.NET makes it pretty simple to work with data encryption with the Cryptography namespace. So there should be no reason to have plain text passwords in your database, like I've seen sooo many times at various companies that I've worked for. And we've read countless times about companies getting hacked, so taking any extra measures to protect your data is important. Or for any of your data encryption needs really. And while I'm not an expert in hashing algorithms and encryption, I know enough to build login systems using them. While the odds of someone taking over your database aren't exactly super high, it is possible, and you want to lower the amount of damage done to your users/clients as much as you can.

. . .
Read more
Load older posts
"sometimes you have to delete, to find your answer"
Copyright © 2018 thatsoftwaredude.com
humans.txt
TOP SCORES
Score in the top 10 and leave your Instagram handle.
Start
0