Project Hosting for Open Source Software
Are you Sure?
By clicking Delete, all history, comments and attachments for this page will be deleted and cannot be restored.
Change History (all pages)
All Project Updates
Wiki & Documentation
You'll find the NWebsec packages on NuGet:
The NWebsec security libraries for ASP.NET applications are built on the philosophy that security should be simple and maintainable.
lets you remove version headers, control cache headers, stop potentially dangerous redirects, and set important security headers. If you're not sure what "security headers" are, check out this blog post:
Security through HTTP response headers
provides OWIN middleware to stop potentially dangerous redirects and set important security headers.
improves ASP.NET session security. Read more about the improvements in the blog post
Ramping up ASP.NET session security
helps you harden the TLS configuration for Azure web role instances. Learn why you need to harden the default TLS configuration in the blog post
Hardening Windows Server 2008/2012 and Azure SSL/TLS configuration
Did you now that the SDL requires countermeasures against session fixation attacks, and that certain security headers must set by your web application? No? See
NWebsec and the SDL
to learn more.
Check out the
NWebsec demo site
to see the headers and session security improvements in action.
to see how it works.
To keep up with new releases or to give feedback, find
on Twitter. You can also get in touch at nwebsec (at) nwebsec (dot) com.
Apr 18 at 3:40 PM
, version 26
© 2006-2014 Microsoft
Code of Conduct
Advertise With Us