The most efficient and secure web applications are made by preventing data leakage. The error messages generated from the server is of greatest use to attackers. The attackers can get information about the servers along with their loopholes. Using this information, the attacker can plan an attack. This server frequently generates error messages.
<%@ Import Namespace="System.Diagnostics" %>
<script language="C#" runat="server">
void Application_Error(Object sender, EventArgs e) {
String Message = "\n\nURL: http://localhost/" + Request.Path
+ "\n\nMESSAGE:\n " + Server.GetLastError().Message
+ "\n\nSTACK TRACE:\n" + Server.GetLastError().StackTrace;
// Insert into Event Log
EventLog Log = new EventLog();
Log.Source = LogName;
Log.WriteEntry(Message, EventLogEntryType.Error);
Server.Redirect(Error.htm) // this shall also clear the error
}
</script>
The impact include:-
Beagle recommends the following fixes:-