Posts

Secure .NET Core Api Server and Client

Image
 Hi Guys, Recently I had a requirement to create a JWT token based WebApi server and a WebApi Client to consume it using .NET Core. So first I created two .NET Core Web Api projects as shown below. In the appsettings.json file of both the WebApi Server and the Client. I added the following values. "JwtConfig": { "Key": "dsadsagfaqrergsdsfdffdsfdsffdsfdsfdsfdsfdfdsfsfdsfd", //Some Secure Key longer the better "AudienceId": 7895, //Some Secure Audience Id "HostUrl": "https://somesecureurl.com" //Some Host Url } Now we will first look at implementation of the WebApi Server. 1) First we must create code to Generate the JWT token, this can be achieved by creating JWTTokenManager.cs file and adding following code public interface IJwtTokenManager { string Authenticate(string userName, string password); } public class JwtTokenManager : IJwtTokenManager { private readonly IConfiguration _c

Windows Desktop Watermark with username

Image
 Hi Guys, I recently had a requirement from a client to implement a way to protect sensitive documents from being photographed from mobile devices and shared online. To mitigate this issue I made a windows application using C#.  When the exe runs it will read current logged in users' domain user account and display his username throughout the screen. I have given options to change the displayed text to username, hostname of the computer or any custom texts. You can get this application from the following url  Desktop watermark Note: This is works only in Windows Operating Systems

Calling ChatGPT using .NET Core

Image
  Hi Guys, With the immense hype created by ChatGPT every technology is adopting ways to integrate ChatGPT to their frameworks. Hence, a brilliant team led by Hassan Habib  has managed to give .NET Developers a way to call ChatGPT programmatically and get the responses. Remember this is still a new project you might encounter some issues, but the Standard.AI.OpenAI team is ready to help us developers in this journey. The source code can be found here. 1) First you must register yourself at https://platform.openai.com 2) Then you must generate an API Key as shown below. 3) Now you can start integrating your .NET Core applications to use openai. For this purpose I use a console application (.NET 7).  4) Install the Nuget package Standard.AI.OpenAI 5) Copy paste the below code using Microsoft.AspNetCore.Mvc; using Standard.AI.OpenAI.Brokers.DateTimes; using Standard.AI.OpenAI.Clients.OpenAIs; using Standard.AI.OpenAI.Models.Configurations; using Standard.AI.OpenAI.Models.Services.Foundati

Security tips for hosting .NET Web Application on IIS

Image
  Hi guys, After having made multiple small/medium level web application and hosted them in IIS. I have learned certain actions we can take while hosting to make a web application secure. They are as below. 1) Prevent Clickjacking In order to prevent clickjacking add the below to configuration > system.webServer > httpProtocol > customHeaders in web.config.  <add name="X-Frame-Options" value="sameorigin" /> 2) To prevent clients knowing what options the server is serving (unless you want them to know) add the below  to configuration > system.webServer > httpProtocol > customHeaders in web.config. <add name="X-Content-Type-Options" value="nosniff" /> 3) To prevent CSS attacks add the below to configuration > system.webServer > httpProtocol > customHeaders in web.config. <add name="X-XSS-Protection" value="1" /> 4) Make sure you are using https (TLS) whenever you can. 5) Go to your we

Calling Powershell scripts from C# to monitor IIS Application pool

Image
  Hi All, I recently had a requirement to monitor an application pool in one of our server and if it is gets stopped for some odd reason it must be restarted automatically. I created a windows application to achieve this task. The following are two methods which I used to check the status and if it is stopped to start the application pool.    private string GetpoolStatus(string computerName,string appPoolName)         {             Runspace runspace = System.Management.Automation.Runspaces.RunspaceFactory.CreateRunspace();                          PowerShell powershell = PowerShell.Create();                          PSCommand command = new PSCommand();             string result = "";             ScriptBlock scriptBlock = ScriptBlock.Create("Import-Module WebAdministration; Get-WebAppPoolState -NAME " + appPoolName + "");             command.AddCommand("Invoke-Command").AddParameter("ComputerName", computerName).             AddParameter

Get Remote machine OS Version by querying Active Directory

Image
  Hi All, Recently I had a requirement to find out the OS Version of remote machine but RPC calling were blocked in all machines due to security reasons. So I had to find another way. I achieved this task simply by querying our organisation Active Directory by computer name. I have copied the method I used to achieve this task. public string GetOSVersion(string computername)         {             DirectoryEntry deRoot;             string RootPath;             RootPath = ConfigurationManager.AppSettings["ADPath"];             deRoot = new DirectoryEntry(ConfigurationManager.AppSettings["ADPath"],                                         ConfigurationManager.AppSettings["ADUsername"],                                         ConfigurationManager.AppSettings["ADPassword"]);             deRoot.Path = RootPath;             DirectorySearcher ds = new DirectorySearcher(deRoot);             string strComputername = string.IsNullOrEmpty(computername) ? &quo

Azure DevOps - Notification Email not being sent

Image
 Hi Guys, Recently I encountered an issue of Notification Emails not being sent when an event occurred within my companies Azure DevOps environment. After spending hours going through log files, databases still I couldn't find any issue. Finally I went to the DevOps servers and found out the server time was wrong and once I fixed it. We started receiving Notification Emails. Hope this Helps someone