From Web Installation to IIS Server Authentications
What Are The DNN Web Application Security Best Practices?
There are several areas of your website that you need to secure, to prevent hackers from having access to it. First, while writing your DNN website module, you must do that with security in mind.
Speaking of security, I'm talking about having general web application security best practices in mind, while writing your DNN module. One of such measures is "defense in depth", a principle of adding more layers of protection to your website to protect it from malicious attacks. Admittedly, most hackers are very good in certain areas like SQL injection. However, only a few have the skill necessary to break through many security layers. As such, writing your DNN module with defense in depth in mind will most likely prevent your website security from being hacked.
As mentioned earlier, web hosts will most likely suspend your functioning if you're under malicious attacks. To prevent that from happening, one of the web application security best practices that you need to consider is hardening your DNN installation. So, before going ahead to install your DotNetNuke, you must ensure that you secure your servers, including IIS and SQL - if in use. Let's have a quick look at the DNN web application security best practices for IIS below: