We are having a windows server 2008 R2 being used as an application server which is running some asp.net applications. Recently we ran a third party software(QualysGaurd express suite) for the assessment of potential vulnerability and it reported that Asp.net debugging is enabled on the host and hence the server is vulnerable as an attacker can send debug statements to the remote asp scripts. How can we disable the debug statements in the server? If we disable the debug statement in the server will the asp.net application be affected in any manner?
↧