The Web Security Forum project is a forum application designed to demonstrate secure coding practices and protections against common web vulnerabilities. This project showcases advanced web security techniques using ASP.NET Core MVC.
- Framework: ASP.NET Core (.NET 8.0)
- Database: Microsoft SQL Server 2022
- ORM: Entity Framework Core
- Authentication: ASP.NET Core Identity
To install and run Web Security Forum on your local machine, follow these steps:
- .NET 8.0 SDK
- Visual Studio or your preferred text editor
- Microsoft SQL Server 2022 (or later version)
-
Clone the Repository
git clone https://github.com/ocharron/WebSecurityForum.git
-
Database Configuration
- Create a new database in SQL Server.
- Update the connection string in the
appsettings.jsonfile with your database details. - Execute migrations to set up the database schema:
dotnet ef migrations add <MigrationName> dotnet ef database update
-
Compilation and Execution
- Open the project in Visual Studio or use the command line.
- Run the following command to restore dependencies:
dotnet restore
- Then, run the application:
dotnet run
- Secure Authentication: Implements ASP.NET Identity for secure user authentication.
- Role-Based Authorization: Manage user roles and permissions to protect sensitive features.
- Protection Against Vulnerabilities: Safeguards against SQL Injection, XSS, and CSRF.
- Logging and Monitoring: Includes security logging for monitoring login attempts and suspicious activities.
- Error Handling: Customized exception handling to prevent sensitive information exposure.
This project was developed by Olivier Charron.