Category Archives: System hardening

Enable secure cookies over HTTPS.

It is important to realize that although a website might be running under HTTPS it does not guarantee that the session information is not accessible from normal HTTP requests. When a session cookie is generated it is important to make sure that the cookie can only be transmitted over a secure HTTP connection (HTTPS).

Add security headers to asp.net core

Asp.net core security headers middleware

As in .net framework it is just as important to add security headers to your asp.net core project to harden the security posture of your web application.