Archives for n-Tier Apps
Locking down UAT Environments
Locking Down UAT Egress: What to Whitelist for External APIs When your UAT environment needs to call third-party APIs, give it only the network access it truly needs —…
What the heck is CORS? Can CloudFlare help me with CORS security issues?
Why CORS Is Important (And How to Secure It) What is CORS and why is it important? CORS (Cross-Origin Resource Sharing)…
HTTP Strict Transport Security Not Enforced
Strict Transport Security Not Enforced What Is HSTS? HSTS (HTTP Strict Transport Security) is a browser-enforced policy that ensures a website is only accessed using HTTPS—even if a user…
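An added example, not code from the post above: a check that reports why a response would be flagged as "Strict Transport Security Not Enforced". Besides a missing header it covers the cases scanners actually trip on: a header sent over plain HTTP (which browsers ignore), `max-age=0`, a `max-age` too short to survive a gap between visits, and a missing `includeSubDomains`. The one-year minimum and the sample responses are assumptions constructed for illustration.

```python
# Added example (not from the original post): evaluate an HSTS header and list
# the reasons it would not be considered enforced.
MIN_MAX_AGE = 31536000  # one year in seconds; an assumed scanner threshold


def parse_hsts(header_value):
    """Split 'max-age=N; includeSubDomains; preload' into a dict.
    Directive names are case-insensitive (RFC 6797); values may be quoted."""
    directives = {}
    for part in header_value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, value = part.partition("=")
        directives[name.strip().lower()] = value.strip().strip('"')
    return directives


def hsts_findings(scheme, headers):
    """Return a list of findings for one response; an empty list means HSTS is
    enforced. `scheme` is what the response was fetched over, `headers` a dict
    of response headers in any letter case."""
    findings = []
    if scheme != "https":
        # RFC 6797: user agents must ignore STS headers received over an
        # insecure transport, so an HSTS header on an HTTP response does nothing.
        findings.append("response fetched over plain HTTP; browsers ignore HSTS there")
    value = next((v for k, v in headers.items()
                  if k.lower() == "strict-transport-security"), None)
    if value is None:
        findings.append("Strict-Transport-Security header missing")
        return findings
    d = parse_hsts(value)
    if "max-age" not in d or not d["max-age"].isdigit():
        findings.append("max-age missing or not a number; browsers ignore the header")
        return findings
    max_age = int(d["max-age"])
    if max_age == 0:
        findings.append("max-age=0 tells browsers to forget the policy")
    elif max_age < MIN_MAX_AGE:
        findings.append(f"max-age={max_age} is below the {MIN_MAX_AGE}s (one year) minimum")
    if "includesubdomains" not in d:
        findings.append("includeSubDomains absent; subdomains can still be reached over HTTP")
    return findings


# Constructed sample responses for illustration (scheme, headers).
SAMPLES = {
    "good": ("https", {"Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload"}),
    "missing": ("https", {"Content-Type": "text/html"}),
    "short": ("https", {"strict-transport-security": "max-age=300"}),
    "disabled": ("https", {"Strict-Transport-Security": "max-age=0"}),
}

if __name__ == "__main__":
    for name, (scheme, headers) in SAMPLES.items():
        print(name, hsts_findings(scheme, headers) or "enforced")
```

Run the check against the response of the HTTPS origin itself, not a redirect target: a `max-age` under a year is the usual reason a header that looks present is still reported as not enforced.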
Restricting CORS origin to a WHITELIST
Restricting CORS Origin to a Whitelist: Why and How? Modern web applications often rely on APIs hosted on different domains — this is called cross-origin communication. While useful, this opens…
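An added example, not code from the post above: an exact-match origin allowlist shown beside the two mistakes it replaces, reflecting the request's `Origin` header and matching it by substring. The origin is normalised (scheme, lowercase host, default port dropped) before the lookup, the opaque `null` origin and anything with a path or userinfo is rejected, and a non-allowlisted origin gets no CORS headers at all. The allowlist and the origins used are constructed for illustration.

```python
# Added example (not from the original post): CORS origin allowlisting.
from urllib.parse import urlsplit

# Constructed allowlist for illustration; in practice this comes from config.
ALLOWED_ORIGINS = frozenset({
    "https://app.example.com",
    "https://admin.example.com",
})
DEFAULT_PORTS = {"http": 80, "https": 443}


def cors_headers_reflect(origin):
    """Mistake 1: reflect whatever Origin the browser sent. Any site can
    then read credentialed responses from this API."""
    if not origin:
        return {}
    return {"Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Credentials": "true"}


def cors_headers_substring(origin):
    """Mistake 2: substring check. 'https://example.com.attacker.test' and
    'https://notexample.com' both pass."""
    if origin and "example.com" in origin:
        return {"Access-Control-Allow-Origin": origin,
                "Access-Control-Allow-Credentials": "true"}
    return {}


def normalize_origin(origin):
    """Return the origin as canonical 'scheme://host[:port]', or None when the
    value is absent, is the opaque 'null' origin, or is not a bare origin.
    (IPv6 literals would need their brackets restored; omitted here.)"""
    if not origin or origin == "null":
        return None
    parts = urlsplit(origin)
    if parts.scheme not in DEFAULT_PORTS or not parts.netloc:
        return None
    # A genuine Origin header carries no userinfo, path, query or fragment.
    if parts.username is not None or parts.path or parts.query or parts.fragment:
        return None
    try:
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    host = parts.hostname  # urlsplit lowercases the host
    if not host:
        return None
    if port is None or port == DEFAULT_PORTS[parts.scheme]:
        return f"{parts.scheme}://{host}"
    return f"{parts.scheme}://{host}:{port}"


def cors_headers_allowlist(origin):
    """Correct: exact match against a fixed set. Unknown origins receive no
    CORS headers, so the browser blocks the cross-origin read. 'Vary: Origin'
    stops a shared cache from serving one origin's response to another."""
    canon = normalize_origin(origin)
    if canon is None or canon not in ALLOWED_ORIGINS:
        return {}
    return {"Access-Control-Allow-Origin": canon,
            "Access-Control-Allow-Credentials": "true",
            "Vary": "Origin"}
```

Note that the scheme is part of the match: `http://app.example.com` is a different origin from `https://app.example.com`, and allowing it would let a network attacker on the plain-HTTP side read credentialed responses.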
Production Data Copy Options on the Public Cloud
The Use Case Often, a copy of Production data (in a database) is needed over in a non-production environment (in the public cloud). This would entail moving data…
To Domain Join or Not
The risk of domain-joining your servers is that if an attacker running a port scanner finds an open NetBIOS port and compromises that server, they have also compromised the…
Multifactor authentication
Two factors used in 2FA include: Factor 1 - Something you know (PIN, password, secret questions, etc.); Factor 2 - Something you have (token, key, smartcard, mobile phone)…
Another Chrome FIRST–Privacy through Obscurity…
Not that we needed another reason to use Chrome – but now there’s a Chrome browser extension called Decodelia. Decodelia is a privacy-specific plugin which essentially turns your…
Concatenated Queries at the Root of SQL Injection attacks
ORMs are supposed to protect against SQL injection attacks, as are stored procedures (due to parameterization of the data in the query). However, both ORMs and stored procs will not…
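An added example, not code from the post above: the same user lookup written by concatenating the input into the SQL text and written with a bound parameter, run against an in-memory SQLite table of constructed rows. The concatenated form has the same shape as an ORM's raw-SQL escape hatch or a stored procedure that assembles dynamic SQL from its arguments, which is why neither mechanism helps once a query is built that way. The table, rows and payload are constructed for illustration.

```python
# Added example (not from the original post): concatenated vs parameterized query.
import sqlite3


def make_db():
    """Constructed sample table: three users, one of them an admin."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (username, role) VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return conn


def find_user_concat(conn, username):
    """Vulnerable: the untrusted value becomes part of the SQL text, so a quote
    in the input ends the literal and the rest is parsed as SQL. An ORM raw
    query built with string formatting, or a stored procedure that does
    EXEC(@sql) on a concatenated string, has exactly this shape."""
    sql = "SELECT username, role FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def find_user_param(conn, username):
    """Safe: the SQL text is fixed and the value is sent as a bound parameter;
    the driver never lets it be parsed as SQL, quotes included."""
    sql = "SELECT username, role FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


# Constructed classic tautology payload: closes the literal, then OR '1'='1'.
PAYLOAD = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concatenated:", find_user_concat(db, PAYLOAD))  # every row leaks
    print("parameterized:", find_user_param(db, PAYLOAD))  # no such user
```

The parameterized query with the payload returns nothing because it looks for a user literally named `' OR '1'='1`; the concatenated one returns all three rows. The fix is to remove the concatenation, not to switch the surrounding layer from raw SQL to an ORM or a stored procedure.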
Multiple FROM statements in a LINQ expression
Multiple "from" statements are like nested foreach statements. MSDN example: var scoreQuery = from student in students from score in ; where score > 90 select new {…