sudo apt-get install certbot
sudo certbot certonly --manual -d example.com -d www.example.com
25 Haziran 2025
Certbot(Let's Encrypt) Manuel SSL Üretme
9 Mayıs 2025
NPOI - Excel Macro Injection (Sanitizer)
public static class IRowExtensions
{
public static ICell GetCellAndSecure(this IRow row, int cellNum)
{
var cell = row.GetCell(cellNum);
DataFormatter dataFormatter = new DataFormatter(CultureInfo.CurrentCulture);
string cellValue = dataFormatter.FormatCellValue(cell) ?? string.Empty;
if (!string.IsNullOrEmpty(cellValue) || IsMalicious(cellValue))
{
if (CrossSiteScriptingValidation.IsDangerousString(cellValue, out _))
{
throw new InvalidDataException("İzin verilmeyen içerik!");
}
}
return cell;
}
private static readonly string[] blacklist = new[]
{
"cmd", "powershell", "wscript", "createobject", "getobject", "shell",
"cmd|", "cmd /c", "cmd /k", "cscript", "vbscript", "activex", "winhttp",
"msxml2.xmlhttp", "adodb.stream", "urlmon", "downloadfile", "deletefile",
"openastextstream", "write", "javascript:", "document.write", "eval", "exec",
"|''!A1", "| '/c", "shell.application", "htafile", "autoopen", "workbook_open"
};
private static bool IsMalicious(string input)
{
if (string.IsNullOrWhiteSpace(input))
return false;
return (input.StartsWith("=") || input.StartsWith("+") || input.StartsWith("-") || input.StartsWith("@")) || blacklist.Any(keyword => input.IndexOf(keyword, StringComparison.OrdinalIgnoreCase) >= 0);
}
public static void SetCellAndSecure(this ICell cell, string cellValue)
{
if (!string.IsNullOrEmpty(cellValue))
{
if (CrossSiteScriptingValidation.IsDangerousString(cellValue, out _) || IsMalicious(cellValue))
{
XSSFSheet xssfSheet = (XSSFSheet)(cell.Sheet);
IDrawing drawing = xssfSheet.CreateDrawingPatriarch();
IClientAnchor anchor = drawing.CreateAnchor(0, 0, 0, 0, cell.ColumnIndex, cell.RowIndex, cell.ColumnIndex + 2, cell.RowIndex + 2);
IComment comment = drawing.CreateCellComment(anchor);
comment.String = new XSSFRichTextString("Bu hücrede potansiyel zararlı bir formül vardı, metne çevrildi.");
comment.Author = "Güvenlik Filtreleme Sistemi";
comment.Visible = true;
cell.CellComment = comment;
cell.SetCellValue($"'{cellValue}");
var sheetWarnings = cell.Sheet.Workbook.GetSheet("UYARILAR");
if (sheetWarnings == null)
{
sheetWarnings = cell.Sheet.Workbook.CreateSheet("UYARILAR");
var header = sheetWarnings.CreateRow(0);
header.CreateCell(0).SetCellValue("Hücre");
header.CreateCell(2).SetCellValue("Durum");
}
var lastIndex = sheetWarnings.LastRowNum + 1;
var rowWarning = sheetWarnings.CreateRow(lastIndex);
rowWarning.CreateCell(0).SetCellValue($"{cell.Address}");
rowWarning.CreateCell(1).SetCellValue("Zararlı içerik tespit edildi ve nötralize edildi");
var cellStyle = cell.Sheet.Workbook.CreateCellStyle();
cellStyle.FillBackgroundColor = HSSFColor.Yellow.Index;
cellStyle.FillForegroundColor = HSSFColor.Red.Index;
cellStyle.FillPattern = FillPattern.SolidForeground;
cell.CellStyle = cellStyle;
//throw new InvalidDataException("İzin verilmeyen içerik!");
}
}
cell.SetCellValue($"{cellValue}" ?? string.Empty);
}
public static ICell GetCellAndSecure(this IRow row, int cellNum, MissingCellPolicy policy)
{
var cell = row.GetCell(cellNum, policy);
var cellValue = cell?.ToString() ?? string.Empty;
if (!string.IsNullOrEmpty(cellValue))
{
if (CrossSiteScriptingValidation.IsDangerousString(cellValue, out _) || IsMalicious(cellValue))
{
throw new InvalidDataException("İzin verilmeyen içerik!");
}
}
return cell;
}
public static string ToStringOrDefault(this ICell cell, string defaultValue = "")
{
var response = defaultValue;
if (cell != null)
{
response = cell.ToString();
if (response == null)
response = defaultValue;
response = response.Trim();
}
if (response.StartsWith("'") || response.StartsWith("‘"))
response = response.Substring(1);
return response;
}
}
17 Ocak 2025
ASP.NET Web API Versiyonalama
Orjinal ve Detaylı Makale
https://weblogs.asp.net/ricardoperes/asp-net-core-api-versioning
------
1) Aşağıda ki paketleri kurun
- Asp.Versioning.Mvc
- Asp.Versioning.Mvc.ApiExplorer
- Swashbuckle.AspNetCore
2) Versiyonları elle yazmamak için ben SVApiVersion adında bir class oluşturdum. (Opsiyonel)
public static class SVApiVersion
{
public static class V1
{
public const int Major = 1;
public const int Minor = 0;
public const string Version = "1.0";
}
public static class V2
{
public const int Major = 2;
public const int Minor = 0;
public const string Version = "2.0";
}
}
3) ConfigureSwaggerOptions swagger için gerekli classı oluşturun.
internal class ConfigureSwaggerOptions : IConfigureOptions<SwaggerGenOptions>
{
private readonly IApiVersionDescriptionProvider _provider;
private readonly IOptions<ApiVersioningOptions> _options;
public ConfigureSwaggerOptions(IApiVersionDescriptionProvider provider, IOptions<ApiVersioningOptions> options)
{
_provider = provider;
_options = options;
}
public void Configure(SwaggerGenOptions options)
{
foreach (var description in _provider.ApiVersionDescriptions)
{
var xmlFile = $"{Assembly.GetExecutingAssembly().GetName().Name}.xml";
var xmlPath = Path.Combine(AppContext.BaseDirectory, xmlFile);
if (File.Exists(xmlPath))
{
options.IncludeXmlComments(xmlPath);
}
options.SwaggerDoc(description.GroupName, CreateVersionInfo(description));
}
}
private OpenApiInfo CreateVersionInfo(ApiVersionDescription description)
{
var info = new OpenApiInfo()
{
Title = $"API {description.GroupName}",
Version = description.ApiVersion.ToString()
};
if (description.ApiVersion == _options.Value.DefaultApiVersion)
{
if (!string.IsNullOrWhiteSpace(info.Description))
{
info.Description += " ";
}
info.Description += "Default API version.";
}
if (description.IsDeprecated)
{
if (!string.IsNullOrWhiteSpace(info.Description))
{
info.Description += " ";
}
info.Description += "This API version is deprecated.";
}
return info;
}
}
4) Program.cs ye aşağıda ki gibi gerekli servisleri tanımladım.(Sonradan eklenenler bold)
using Asp.Versioning;
using Asp.Versioning.ApiExplorer;
using SampleVersioningAPI;
var builder = WebApplication.CreateBuilder(args);
// Add services to the container.
builder.Services.AddApiVersioning(options =>
{
options.AssumeDefaultVersionWhenUnspecified = true;
options.DefaultApiVersion = new ApiVersion(SVApiVersion.V1.Major, SVApiVersion.V1.Minor);
options.ReportApiVersions = true;
options.ApiVersionReader = ApiVersionReader.Combine(
new UrlSegmentApiVersionReader(),
new HeaderApiVersionReader("X-Version"));
}).AddApiExplorer(options =>
{
options.GroupNameFormat = "'v'VVV";
options.SubstituteApiVersionInUrl = true;
});
builder.Services.AddControllers();
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
builder.Services.AddEndpointsApiExplorer();
builder.Services.AddSwaggerGen();
builder.Services.ConfigureOptions<ConfigureSwaggerOptions>();
var app = builder.Build();
// Configure the HTTP request pipeline.
if (app.Environment.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI(c =>
{
var provider = app.Services.GetRequiredService<IApiVersionDescriptionProvider>();
foreach (var description in provider.ApiVersionDescriptions)
{
c.SwaggerEndpoint($"/swagger/{description.GroupName}/swagger.json", description.GroupName.ToUpperInvariant());
}
});
}
app.UseHttpsRedirection();
app.UseAuthorization();
app.MapControllers();
app.Run();
5) Ben API Controller Yapısını Aşağıda ki Gibi Yaptım (Opsiyonel)
Farklı kullanım şekilleri orjinal makalede vardır.
- Controllers / V1 / ValuesController
- Controllers / V2 / ValuesController
Controller aşağıdaki gibidir.
namespace SampleVersioningAPI.Controllers.V1
{
[ApiController]
[ApiVersion(SVApiVersion.V1.Version)]
[Route("api/v{version:apiVersion}/[controller]")]
public class ValuesController : ControllerBase
{
private readonly ILogger<ValuesController> _logger;
public ValuesController(ILogger<ValuesController> logger)
{
_logger = logger;
}
[HttpGet()]
public string Get()
{
return SVApiVersion.V1.Version;
}
}
}
using Asp.Versioning;
using Microsoft.AspNetCore.Mvc;
namespace SampleVersioningAPI.Controllers.V2
{
[ApiController]
[ApiVersion(SVApiVersion.V2.Version)]
[Route("api/v{version:apiVersion}/[controller]")]
public class ValuesController : ControllerBase
{
private readonly ILogger<ValuesController> _logger;
public ValuesController(ILogger<ValuesController> logger)
{
_logger = logger;
}
[HttpGet()]
public string Get()
{
return SVApiVersion.V2.Version;
}
}
}
Github Kaynak Kodu: https://github.com/AmagiTech/AspNetApiVersionSample
3 Ekim 2024
JS Parse Excel From Clipboard
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
<style>
table,
th,
td {
border: 1px solid black;
}
</style>
</head>
<body>
<textarea id="txtData" style="width: 100%;height: 300px;">
</textarea>
<hr>
<table id="tblData">
<thead>
<tr>
<th>E-Mail</th>
<th>Name</th>
<th>Surname</th>
<th>Reference</th>
</tr>
</thead>
<tbody>
</tbody>
</table>
<script>
function parseData(rawText) {
var tblData = document.querySelector('#tblData tbody');
tblData.innerHTML = '';
rawText = rawText.trim();
var trs = rawText.split('\n');
if (trs != null && trs.length > 0) {
for (var i = 0; i < trs.length; i++) {
var tds = trs[i].trim().split('\t');
if (tds.length == 4) {
let tr = document.createElement('tr');
for (var j = 0; j < tds.length; j++) {
let td = document.createElement('td');
td.innerText = tds[j];
tr.appendChild(td);
}
tblData.appendChild(tr);
}
}
}
console.log(rawText);
}
document.getElementById("txtData").addEventListener('change', function (e) {
parseData(e.target.value);
}, false);
</script>
</body>
</html>
1 Kasım 2023
Rosyln Compiler - Memory Leak Free(Disposable)
Original Article: https://carljohansen.wordpress.com/2020/05/09/compiling-expression-trees-with-roslyn-without-memory-leaks-2/
I register handlebars helper for my codes that could be editable from text file.
Aim: Invoke public methods with TemplateHelper attribute.
Example Text File that contains C# Code:
using HandlebarsDotNet;using System;using System.Collections.Generic;using System.Linq;using System.Text;using System.Threading.Tasks;
namespace RosylnCompilerDemo{ public class DigitalInsertHandlebarsHelpers { [TemplateHelper] public void RegisterPriceWhole(IHandlebars _handlebars) { _handlebars.RegisterHelper("Price.Whole", (writer, context, arguments) => { if (!arguments.Any()) { throw new HandlebarsException("Correct Format: {{#Price.Whole decimalPrice seperator}}, {{Price.Whole decimalPrice}}"); } var price = arguments.At<string>(0); if (!string.IsNullOrWhiteSpace(price)) { string seperator = ","; if (arguments.Length == 2) { seperator = arguments.At<string>(1); } price = price.Split(seperator).FirstOrDefault(); } writer.WriteSafeString($"{price}"); }); }
[TemplateHelper] public void RegisterPriceFraction(IHandlebars _handlebars) { _handlebars.RegisterHelper("Price.Fraction", (writer, context, arguments) => { if (!arguments.Any()) { throw new HandlebarsException("Correct Format: {{#Price.Fraction decimalPrice seperator}}, {{Price.Whole decimalPrice}}"); } var price = arguments.At<string>(0); if (!string.IsNullOrWhiteSpace(price)) { string seperator = ","; if (arguments.Length == 2) { seperator = arguments.At<string>(1); } price = price.Split(seperator).LastOrDefault(); } writer.WriteSafeString($"{price}"); }); } }}
Code File:
using HandlebarsDotNet;using Microsoft.CodeAnalysis;using Microsoft.CodeAnalysis.CSharp;using System.Reflection;using System.Runtime.Loader;
namespace RosylnCompilerDemo{ public class TemplateHelperOperations { private class CollectibleAssemblyLoadContext : AssemblyLoadContext, IDisposable { public CollectibleAssemblyLoadContext() : base(true) { }
protected override Assembly Load(AssemblyName assemblyName) { return null; }
public void Dispose() { Unload(); } }
public static void RegisterHelpers(string code, IHandlebars handlebars) { var compilationOptions = new CSharpCompilationOptions(OutputKind.DynamicallyLinkedLibrary);
List<Assembly> assemblies = AppDomain.CurrentDomain.GetAssemblies().ToList();
var references = assemblies.Where(q => !string.IsNullOrWhiteSpace(q.Location)) .Select(q => MetadataReference.CreateFromFile(q.Location)).ToList();
var syntaxTree = SyntaxFactory.ParseSyntaxTree(code); var assemblyName = $"TempAssembly{Guid.NewGuid()}"; var compilation = CSharpCompilation.Create(assemblyName) .WithOptions(compilationOptions) .AddReferences(references) .AddSyntaxTrees(syntaxTree);
using (var assemblyLoadContext = new CollectibleAssemblyLoadContext()) using (var ms = new MemoryStream()) { var emitResult = compilation.Emit(ms); if (emitResult.Success) { ms.Seek(0, SeekOrigin.Begin);
// Load the compiled assembly var assembly = Assembly.Load(ms.ToArray());
// Execute the library code var helperMethods = assembly.GetTypes() .Where(q => q.IsClass && q.IsPublic) .Select(q => new { ClassName = q.FullName, Methods = q.GetMethods().Where(m => m.IsPublic && m.GetCustomAttributes(typeof(TemplateHelperAttribute), false).FirstOrDefault() != null) }) .Where(q => q?.Methods?.Any() ?? false) .ToList();
foreach (var cls in helperMethods.Where(q => q.Methods?.Any() ?? false).GroupBy(q => q.ClassName)) { if (!string.IsNullOrWhiteSpace(cls.Key)) { var libClassType = assembly.GetType(cls.Key); var libraryInstance = Activator.CreateInstance(libClassType); foreach (var item in cls) { foreach (var method in item.Methods) { method.Invoke(libraryInstance, new object[] { handlebars }); } } } } } else { foreach (var diagnostic in emitResult.Diagnostics) { Console.WriteLine(diagnostic.ToString()); } } } } }
}
8 Şubat 2023
SQL Cloning Database
dbbackup.bat
-------------------------------------------------------------------------------------------
backupdb.sql
sqlcmd -S SERVERNAME\SQLEXPRESS -E -i backupdb.sql
-------------------------------------------------------------------------------------------
backupdb.sql
declare @backupDB nvarchar(128),
@restoreDB nvarchar(128),
@backupFolder nvarchar(512),
@dataFolder nvarchar(512);
set @backupDB = 'SampleDB';
set @restoreDB = 'SampleDBX';
set @backupFolder = 'C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Backup\';
set @dataFolder = 'C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\DATA\';
declare @diskName nvarchar(512);
set @diskName = @backupDB + '-' +REPLACE(REPLACE(CONVERT(VARCHAR(128),GETDATE(),20),' ','-'),':','-') + '.bak';
set @diskName = @backupFolder + @diskName;
backup database @backupDB to disk = @diskName
declare @sql nvarchar(max)
set @sql = 'alter database ' + @restoreDB + ' set single_user with rollback immediate';
exec(@sql);
set @sql = 'restore database ' + @restoreDB + ' from disk = N'''+ @diskName +''''
+ ' with file = 1, '
+ ' move N'''+@backupDB+''' to N''' + @dataFolder + @restoreDB + '.mdf'', '
+ ' move N'''+@backupDB+'_log'' to N''' + @dataFolder + @restoreDB + '_log.ldf'', '
+ ' KEEP_REPLICATION, NOUNLOAD, REPLACE, STATS = 5'
exec(@sql);
set @sql = 'alter database ' + @restoreDB + ' set MULTI_USER';
exec(@sql);
8 Aralık 2022
Basit Encrpytion C# and JS
!Don't use it for important data.
I use it to prevent search engines from collecting data.
.C#
public static class EasyCrypt
{
public static string Encrypt(string input, int shft)
{
if (string.IsNullOrEmpty(input))
return string.Empty;
return Convert.ToHexString(input.Select(c => Convert.ToByte((((int)c) + shft) % 255)).ToArray());
}
public static string Decrypt(string input, int shft)
{
if (string.IsNullOrEmpty(input))
return string.Empty;
return System.Text.ASCIIEncoding.ASCII.GetString(
Convert.FromHexString(input).Select(b => Convert.ToByte(((int)b + 255 - shft) % 255)).ToArray());
}
}
JS
const cardNo = '321321312';
function encrypt(text, shft = 83) {
if (text == null ||
typeof (text) == 'undefined' ||
text.length < 1)
return '';
let encrypted = '';
for (let i = 0; i < text.length; i += 1) {
const charCode = text.charCodeAt(i);
let shiftedChar = (charCode + shft) % 255;
encrypted += shiftedChar.toString(16);
}
return encrypted;
}
function decrypt(text, shft = 83) {
if (text == null ||
typeof (text) == 'undefined' ||
text.length < 1)
return '';
let decrypted = '';
for (let i = 0; i < text.length; i += 2) {
const hex = text.substring(i, i + 2);
const charCode = parseInt(hex,16);
let shiftedChar = (255 +(charCode - shft)) % 255;
decrypted += String.fromCharCode(shiftedChar);
}
return decrypted;
}
const encryptedCardNo = encrypt(cardNo);
const decryptedCardNo = decrypt(encryptedCardNo);
console.log(cardNo);
console.log(encryptedCardNo);
console.log(decryptedCardNo);
23 Kasım 2022
CIDR (Classless Inter-Domain Routing) Notation
{8Bits}. {8Bits}. {8Bits}. {8Bits} / {Allocated Bits}
00000000 = 0
11111111 = 255
Example: 102.123.149.240 / 24
Allocated Bits To Address Allocated For Range
102.123.149 .240 / 24 => 102.123.149.000 - 102.123.149.255
102.123 .149.240 / 16 => 102.123.000.000 - 102.123.255.255
102.123 .149.240 / 20 => 102.123.144.000 - 102.123.159.255
Algorithm For 102.123.149/20
102.123 => 8+8 => 16 Bits Used Remained 4
149 => 1 0 0 1 0 1 0 1 => 1 + 4 + 16 +128
First 4 are allocated we will use remained ones
1 0 0 1 0 0 0 0 to 1 0 0 1 1 1 1 1
=> 128+16 to 128+16+8+4+2+1
=> 144 to 159
Thus =>
102.123.144.000 - 102.123.159.255
3 Kasım 2022
RSA C#
internal class Program
{
static void Main(string[] args)
{
IRSAEncryption rsa = new RSAEncryption();
// Use only one time for generating keys
//rsa.GenerateKeys("mx.pub","px.pem");
var text = "Fıstıkçı Şahap 2";
var encryptedText = rsa.Encrypt(text, "mx.pub");
Console.WriteLine($"Encrpyted: {encryptedText}");
//var decryptedText = rsa.Decrypt(encryptedText, "mx.pem");
//Console.WriteLine($"Decrypted: {decryptedText}");
}
}
public interface IRSAEncryption
{
public void GenerateKeys(string pathPublicKey, string pathPrivateKey);
public string Encrypt(string plainText, string pathPublicKey);
public string Decrypt(string encrpyedText, string pathPrivateKey);
}
public class RSAEncryption : IRSAEncryption
{
private string ByteArrayToString(byte[] bytes)
{
var sb = new StringBuilder(bytes.Length * 2);
foreach (var b in bytes)
{
sb.AppendFormat("{0:x2}", b);
}
return sb.ToString();
}
public static byte[] StringToByteArray(String hex)
{
int NumberChars = hex.Length;
byte[] bytes = new byte[NumberChars / 2];
for (int i = 0; i < NumberChars; i += 2)
bytes[i / 2] = Convert.ToByte(hex.Substring(i, 2), 16);
return bytes;
}
private RSAParameters ImportKey(string path)
{
var serializer = new XmlSerializer(typeof(RSAParameters));
using (var fs = new FileStream(path, FileMode.Open))
{
return (RSAParameters)serializer.Deserialize(fs);
}
}
private void ExportKey(RSAParameters parameters, string path)
{
var serializer = new XmlSerializer(typeof(RSAParameters));
using (var fs = new FileStream(path, FileMode.CreateNew))
using (var sw = new StreamWriter(fs, Encoding.UTF8))
{
serializer.Serialize(sw, parameters);
}
}
public string Decrypt(string encrpyedText, string pathPrivateKey)
{
using (var rsa = new RSACryptoServiceProvider())
{
var pubKey = ImportKey(pathPrivateKey);
rsa.ImportParameters(pubKey);
var data = StringToByteArray(encrpyedText);
var cypher = rsa.Decrypt(data, false);
return Encoding.UTF8.GetString(cypher);
}
}
public string Encrypt(string plainText, string pathPublicKey)
{
using (var rsa = new RSACryptoServiceProvider())
{
var pubKey = ImportKey(pathPublicKey);
rsa.ImportParameters(pubKey);
var data = Encoding.UTF8.GetBytes(plainText);
var cypher = rsa.Encrypt(data, false);
return ByteArrayToString(cypher);
}
}
public void GenerateKeys(string pathPublicKey, string pathPrivateKey)
{
using (var rsa = new RSACryptoServiceProvider(2048))
{
var pem = rsa.ExportParameters(true);
var pub = rsa.ExportParameters(false);
ExportKey(pem, "mx.pem");
ExportKey(pub, "mx.pub");
}
}
}
15 Ekim 2022
PostgreSql PgAdmin Docker Çalıştırma
docker-compose.yaml dosyası aşağıdaki gibidir.
services:pgadmin:
environment:
PGADMIN_DEFAULT_EMAIL: PGAdminMail@mail.com
PGADMIN_DEFAULT_PASSWORD: PGAdminPassword
image: dpage/pgadmin4
ports:
- published: 5080
target: 80
postgres:
environment:
POSTGRES_DB: PostgresDefaultDB
POSTGRES_PASSWORD: PostgresDefaultPassword
POSTGRES_USER: PostgresDefaultUsername
image: postgres
ports:
- published: 5432
target: 5432
version: '3.9'
docker-compose config ile config kontrol edilir hata varsa güncel bilgilere göre google dan aratıp düzeltin.
docker compose up --build ile çalıştırılır
http://localhost:5080/ adresinden yaml da yazdığınız kullanıcı adı ve şifre ile PG Amin'e giriş yapınız.
terminal de
docker ps
yazarak postgres in ContainerID sini alalım benim örnekte 44b778e8e612
daha sonra docker inspect 44b yazarak işlemin IP adresini bulalım
Benim örnek te
"IPAddress": "172.19.0.3",
IP adres ve YAML a girilen bilgilerdeki kullanıcı adı şifre ile Postgres e bağlanabilirsiniz.
Kaydol:
Kayıtlar (Atom)