Please do me a favor and read this on my Gooroo site. (if I get enough hits, I get a payment) Thanks! I recently received the status report of a penetration test of my ASP.Net Core 1.0 MVC site done by our IT team. They used Rapid 7s vulnerability/penetration testing tool called Nexpose. I wish I had known about it before I thought I was “done” (I haven’t written code for it for a few weeks, it has been tested and is ready to deploy), but that’s a different story. I should be doing this testing as ......
I've learned a lot about Asp.Net Core RC2, Kestrel and ports as I failed in various attempts to get a http to https redirect. I share this as a retrospective for myself and in hopes of helping you avoid the swamp and to stay on the narrow road. Goal Host Asp.Net with Kestrel without IIS for an internal app. I'd like to hit the machine at http://machine-name/ and get redirected to a login at https://machine-name without ports. If they hit http(s)://machine-name/inde... without an authentication ......