Windows 2012 Hosting - MVC 6 and SQL 2014 BLOG

Tutorial and Articles about Windows Hosting, SQL Hosting, MVC Hosting, and Silverlight Hosting

Cheap SQL 2014 Hosting with ASPHostPortal.com:: How to Create Cron Job to Backup Your SQL Database

clock June 20, 2014 08:31 by author Ben

Cron Jobs are used for scheduling tasks to run on the server. They're most commonly used for automating system maintenance or administration. However, they are also relevant to web application development. There are many situations when a web application may need certain tasks to run periodically. A cron job/scheduled task is a system-side automatic task that can be configured to run for an infinite number of times at a given interval. Cron/scheduled task allows you to schedule a command or a script to run at a specific time of day, or on a specific day of the week or at a particular time of day on a specific day of the month. It allow for scheduling down to the minute and up to an annual event.

Here is the simple step how to create Cron Job to Backup Your SQL Database :

Step 1. Create a folder to store the backup in your FTP application
Open your ftp application and connect to the account that has the database you want to back up. Create a folder outside of the webcontent called "backups".
fs1-n02stor1wc1dfw2382489382489www.yoursite.combackups

Step 2. Set folder permissions in your FTP application
Right click the folder and add all write permissions. If your Ftp software doesn't do this then checkout the free FTP client called FileZilla.

Step 3. Create a stored procedure that performs the backup with an input parameter for the filename
Connect to your database using a client  and run a query like this. The procedure will be named FullBackup in this example

set ANSI_NULLS ON
set QUOTED_IDENTIFIER ON
GO

CREATE PROCEDURE [dbo].[FullBackup]
 @FileName  nvarchar(256)
AS
BEGIN

SET NOCOUNT ON;

BACKUP DATABASE [123456_YourDatabase] TO  DISK = @FileName WITH NOFORMAT, NOINIT,  NAME = N'Full Database Backup', SKIP, NOREWIND, NOUNLOAD,  STATS = 10

END


Step 4. Create a web page that executes the stored procedure
You can use php or asp.net for this also. For something this simple, you can use classic asp. That way there is no .dll to deal with and no application restart needed.  Now create a new asp page and called it backupdb.asp.  The contents of the file are as follows. When you are done, upload this file to a folder in your content area.
This script will generate a filename based on the date. If a backup already exists for that date it will increment a version counter until a fresh filename is found. This script will generate 1 file per execution. Modify as needed if you want to increment a single file.  Edit the location & connection string to work for you.

<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>

<%
    dim thismonth, thisday, thisyear, location, filelename, ver, extention, abolutespath

thismonth= datepart("m", now())
thisday=datepart("d", now())
thisyear=datepart("yyyy",now())

location="fs1-n03stor1wc1dfw8382492382489www.yoursite.combackups"
filename="dbBackup-" & thismonth & "-" & thisday & "-" & thisyear & "_"
ver=1
extention=".bak"

absolutepath=location & filename & ver & extention

    set fso = Server.CreateObject("Scripting.FileSystemObject")
 
while (fso.FileExists(absolutepath)=True)
ver=ver+1
absolutepath=location & filename & ver & extention
wend

    Set cn = Server.CreateObject("ADODB.Connection")
    cn.connectionString= "Provider=SQLNCLI;Server=mssql05-01.wc1;Database=123456_YourDatabase;Uid=123456_YourUsername; Pwd=Yourpassword;"
   cn.open

   Set cmd = Server.CreateObject("ADODB.Command")
   Set cmd.ActiveConnection = cn
   cmd.CommandText = "FullBackup"
   cmd.CommandType = 4 'adCmdStoredProc
 
   cmd.Parameters.Refresh
   cmd.Parameters(1) = absolutepath
 
   cmd.Execute

   cn.close
 
%>

   Execution complete:  Filename=<%= filename & ver & extention%>

</body>
</html>


Step 5.  Schedule a Cron job to call the web page.

Access your control panel and go to the features tab of the site with the database. Choose http as the language, Enter the URL to the asp script and your email and Schedule the job for a daily run at an off hour.

Our Special SQL Server 2014 Hosting Complete Features

What we think makes ASPHostPortal.com so compelling is how deeply integrated all the pieces are. We integrate and centralize everything--from the systems to the control panel software to the process of buying a domain name. For us, that means we can innovate literally everywhere. We've put the guys who develop the software and the admins who watch over the server right next to the 24-hour Fanatical Support team, so we all learn from each other.

Full Remote Access - We allow you full remote connectivity to your SQL Server 2014 Hosting database and do not restrict access in any way.
Easily transfer your existing SQL Server database - With our SQL Server hosting package, there's no need to rebuild your database from scratch should you wish to transfer an existing SQL Server database to us. If you already have a database hosted elsewhere, you can easily transfer the contents of your database using SQL Server Management Studio which is fully supported by our packages. SSMS provides you with an Import/Export wizard which you can use to upload your data and stored procedures with a couple of clicks.



Cheap Windows Hosting Based in USA:: How to Fix SQL Injection Vulnerabilities in ASP.NET

clock June 5, 2014 07:07 by author Ben

Simply stated, SQL injection vulnerabilities are caused by software applications that accept data from an untrusted source (internet users), fail to properly validate and sanitize the data, and subsequently use that data to dynamically construct an SQL query to the database backing that application. For example, imagine a simple application that takes inputs of a username and password. It may ultimately process this input in an SQL statement of the form

string query = "SELECT * FROM users WHERE username = "'" + username + "' AND password = '" + password + "'";

Since this query is constructed by concatenating an input string directly from the user, the query behaves correctly only if password does not contain a single-quote character.

Impact of SQL Injection vulnerabilities

  • Reading, Updating and Deleting arbitrary data from the database
  • Executing commands on the underlying operating system
  • Reading, Updating and Deleting arbitrary tables from the database

There are many way finding SQL Injection Vulnerabilities manually. But, in this article, I will show you how to find SQL Injection Vulnerabilities automatically. It’s no different than finding it manually. The process mainly involves three tasks :

  • Identifying Data Entry.
  • Inject Data to Database.
  • And last, detect anomalies from it’s response

you will see that you can do it automatically to a certain process. Identifying data entry (1st step) is something that can be automated. You can do it by just crawl the website and finding GET and POST request. As well ass Data Injection (2nd step), can also be done in an automatic fashion. The main problem is the 3rd step ( Detect Anomalies Response of Remote Server ). Although this part is easy for human to detect. it sometimes very difficult for a bot or software to detect it and fully understand output of the remote server. For example, when the web application returns the SQL error from database or when the web application returns HTTP 500 code error.

How to Fix SQL Injection Vulnerabilities in ASP.NET

c# code:

string queryText = "SELECT * FROM Students WHERE City=@City";
SqlCommand cmd = new SqlCommand(queryText, conn);
cmd.Parameters.Add("@City",City);
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
da.Fill(ds);
return ds;


ASP.NET code:

/*C# code*/
string commandText = "SELECT * FROM Customers WHERE Country=@CountryName";
SqlCommand cmd = new SqlCommand(commandText, conn);
cmd.Parameters.Add("@CountryName",countryName);


Stored Procedure:

var connect = ConfigurationManager.ConnectionStrings["NorthWind"].ToString();
var query = "GetProductByID";
using (var conn = new SqlConnection(connect))
{
  using (var cmd = new SqlCommand(query, conn))
  {
    cmd.CommandType = CommandType.StoredProcedure;
    cmd.Parameters.Add("@ProductID", SqlDbType.Int).Value = Convert.ToInt32(Request["ProductID"]);
    conn.Open();
    //Process results
  }
}


Fixing the SQL Injection Vulnerabilities would not be enough to protect your web application. You need to protect it using Runtime Protection.

Cheap SQL Hosting with ASPHostPortal.com
Providing the best security, compliance, performance, and managed service separates ASPHostPortal.com from other hosting companies. MS SQL server supports our commitment to providing service options the businesses that choose ASPHostPortal.com demand. Use the Promo Code "DBSQL" (without quotes) and receive double SQL Server Space!



nopCommerce 3.30 Hosting with ASPHostPortal.com :: How to Enable SSL (https) in nopCommerce

clock April 14, 2014 08:19 by author Kenny

nopCommerce is one of the most popular ASP.NET shopping cart applications which you can use it for designing your business website for free. nopCommerce is an open source e-commerce solution that contains both a catalog frontend and an administration tool backend. nopCommerce is a fully customizable shopping cart. It's stable and highly usable. From downloads to documentation, nopCommerce.com offers a comprehensive base of information, resources, and support to the nopCommerce community. nopCommerce is a complete open source shopping cart softare, the first edition was released in October 2010, we can say this is still a very new shopping cart application in the market, but their users are growing super-fast in the past 3 years. nopCommerce is a fully customizable shopping cart and you can easily installed it in your hosting account. You just need to download the instalaltion file from official website and use FTP to upload it into your hosting server and unzip the file, then you have to create MSSQL 2005 or 2008 database, and you can install it for your website now.

As the Internet grows as a medium of communication, commerce and interaction, so do the prevalence of risks and security threats. One way to effectively protect your domain is with an SSL certificate. The primary reason why SSL is used is to keep sensitive information sent across the Internet encrypted so that only the intended recipient can understand it. This is important because the information you send on the Internet is passed from computer to computer to get to the destination server. Any computer in between you and the server can see your credit card numbers, usernames and passwords, and other sensitive information if it is not encrypted with an SSL certificate. When an SSL certificate is used, the information becomes unreadable to everyone except for the server you are sending the information to. This protects it from hackers and identity thieves.

In this article, i'm going to explain about how to enable SSL in nopCommerce, you will first need to purchase an SSL certificate and dedicated IP. This article assumes that you already purchase an SSL from SSL provider.

  • Install SSL on your web server
  • Open web.config file
  • Set UseSSL value to true (<add key=”UseSSL” value=”true” /> )
  • Then just save the file.

nopCommerce automatically switched to SSL when required ( for example, register, login and checkout admin ect.)

Get SharedSSLUrl from your hosting provider
Open the web.config and edit the following values

<add key=”UseSSL” value=”true” />
<add key=”SharedSSLUrl” value=”https://secure.yourhostingcompany.com/~username” />
<add key=”NonSharedSSLUrl” value=”https://secureyourhostingcompany.com/~username” /> 


ASPHostPortal.com Proudly Announces SQL Server 2014 Hosting

clock April 8, 2014 08:19 by author Ben

ASPHostPortal.com, a reliable web hosting company specializing in ASP.NET hosting services, announces the deployment of SQL Server 2014 in its web hosting packages.

ASPHostPortal.com now provides the SQL Server 2014 in all of web hosting packages, assisting all their web hosting customers on organizing, improving and securing business’ data. Making business decisions are the crucial steps that businesses need to take, mostly in short time. It requires accessing company’s data in easy manner to be analyzed and evaluated. The SQL Server 2014 has the excellent tool to do this. With the Power View, businesses will be able to excerpt data into PowerPoint presentations and bring updated information in every meeting.

 


Businesses are often must face complicated issues, whether it occurs inside the organization or related to clients and customers. For example, clients often want their data quality being improved regularly that can be a challenging task. With the SQL Server 2014 this process can be reduced this problem since it has the ability to enhance the consistency and accuracy of the data. The SQL Server 2014 works by cleaning out the data thus resulting in superior quality and enduring maintenance.

The basic shared hosting service is supported by SQL Server 2014 web hosting and the site provides this plan at a monthly cost of $5. The site assures a 24x7 customer support service and guarantees a 99.9% uptime as they have installed fully servers. The company through its website gives all its customers a Plesk Panel which is basically server management software.

“Our customers have been asking us about SQL Server 2014 and we are happy to deliver a hosting platform that supports all the latest in the Microsoft Web Stack.” said said Dean Thomas, Manager at ASPHostPortal.com.  "And it proves that we remain at the forefront in Microsoft technology".

ASPHostPortal.com is a popular SQL Server 2014 hosting service provider with all of its  hosting plans to help users to automate and simplify website and server administration tasks such as  installation and migration. For more information about this topics or have any enquiries related to SQL Server 2014 hosting,  please visit http://asphostportal.com/SQL-2014-Hosting.

ASPHostPortal.com is now providing this FREE DOMAIN and DOUBLE SQL Space promotion link for new clients to enjoy the company's outstanding web hosting service at a low cost from just $5.00/mo. This offer valids only from 21st March 2014 to 20 April 2014 and it applies to all the new clients registered during these dates only.

About ASPHostPortal.com:

ASPHostPortal.com is a hosting company that best support in Windows and ASP.NET-based hosting. Services include shared hosting, reseller hosting, and sharepoint hosting, with specialty in ASP.NET, SQL Server, and architecting highly scalable solutions. As a leading small to mid-sized business web hosting provider, ASPHostPortal.com strive to offer the most technologically advanced hosting solutions available to all customers across the world. Security, reliability, and performance are at the core of hosting operations to ensure each site and/or application hosted is highly secured and performs at optimum level.



About ASPHostPortal.com

We’re a company that works differently to most. Value is what we output and help our customers achieve, not how much money we put in the bank. It’s not because we are altruistic. It’s based on an even simpler principle. "Do good things, and good things will come to you".

Success for us is something that is continually experienced, not something that is reached. For us it is all about the experience – more than the journey. Life is a continual experience. We see the Internet as being an incredible amplifier to the experience of life for all of us. It can help humanity come together to explode in knowledge exploration and discussion. It is continual enlightenment of new ideas, experiences, and passions

 photo ahp banner aspnet-01_zps87l92lcl.png

Author Link

Corporate Address (Location)

ASPHostPortal
170 W 56th Street, Suite 121
New York, NY 10019
United States

Sign in