Securing SharePoint Site using Azure App Service

Building application firewall for SharePoint site will never been so easy. With Azure App Service we can quickly create public facing application firewall using IIS Application Request Routing and protect SharePoint web site in internal network. In this scenario, you Continue reading Securing SharePoint Site using Azure App Service

OWASP Top Ten to Secure SharePoint Public Site (Part 5)

dIn part 4, we have sanitize response header from SharePoint portal by modifying response header through web.config custom header modification. Unfortunately, during my testing not all response header can be modified using this technique. Therefore we need to use custom Continue reading OWASP Top Ten to Secure SharePoint Public Site (Part 5)

OWASP Top Ten to Secure SharePoint Public Site (Part 3)

Part 2, I introduced reverse proxy server as an answer to secure SharePoint public site. As reverse proxy is independent from SharePoint server farm, this avenue gives more independency towards the method or items to secure. In part 3, I Continue reading OWASP Top Ten to Secure SharePoint Public Site (Part 3)

OWASP Top Ten to Secure SharePoint Public Site (Part 2)

In part 1, I elaborate what was the challenge in SharePoint default configuration and the default response header produced by WFE. Part-2, I will show how to clean response header and add additional layer of protection. From standard SharePoint deployment, Continue reading OWASP Top Ten to Secure SharePoint Public Site (Part 2)