Old Forums
Search:
Installation and deployment
Version 7.x > Installation and deployment > DOS vulnerability/attacks View modes: 
User avatar
Kentico Legend
Kentico Legend
Brenden Kehren - 1/2/2014 11:59:39 AM
   
DOS vulnerability/attacks
Recently I had a PCI compliance scan run on a Kentico website and it showed DOS vulnerability on the site when this URL was accessed: http://www.mywebsite.com/AUX/.aspx.

I'm wondering what affect adding this to my web.config
<httpRuntime relaxedUrlToFileSystemMapping="true"/>
might have on Kentico. I found an article explaining reserved file names here.

Will it cause URL rewrite problems? Problems with MVC (not used in the site that I'm aware of).

User avatar
Kentico Support
Kentico Support
kentico_jurajo - 1/8/2014 1:14:42 AM
   
RE:DOS vulnerability/attacks
Hello,

It should not have any impact. As soon as the request ends with aspx, it goes through IIS to Kentico URL rewriting and it will display the root. It is the same like having just "www.domain.com/".

Best regards,
Juraj Ondrus

Top