Why Microsoft's ASP/ASP.NET may be the safe choice for development

John Avis by | February 15, 2018 | Web Development

Some reasons why developing using Microsoft's ASP/ASP.NET has been a good choice over the years.

Your situation may be different but in my case, over close to 20 years I have created many websites and applications for myself and clients, many that are still in use today.

Most, if not all, have under gone some changes over the years. In some cases this might just be a cosmetic refresh and the server-side code remains the same or features may have been added or changed over the years.

Of course, due to the nature of the web, some get total rewrites after a short time, but many clients don’t need or want to spend money on major rewrites.

Fortunately, the majority of the websites and applications I have developed were done so using the Microsoft technologies Classic ASP and ASP.NET.

If, like me, you created something in the late 1990s using Classic ASP and didn’t do anything stupid like not protect against SQL injection or unsafe user uploads, then your code could still run today on a modern web server running a current version of operating system and IIS without you losing sleep that there were security problems waiting to bite you.

And if, like me, you wrote something in ASP.NET 1.x or 2.x in the early 2000s, again, as long as it was running on a modern server, you could feel safe and without fear of potential security problems.

Now, let’s compare this to PHP (and let me say I am no expert on PHP but do have some experience with it).

If you wrote something in an earlier version of PHP, because there are breaking changes between major versions, you either still need to be running on that same version of PHP, or it’s time to review and migrate to the current version of PHP.

An online search reveals that some earlier versions of PHP have security flaws and the advice is to update to safe versions.

What about these popular open source frameworks that are so popular now?

These days it’s a very common for developers to use new frameworks, usually open source, to develop their websites and applications. There seems to be a new one out every month or so.

Is this a good idea to use these? Will an application written using one of these frameworks still be okay in a few years’ time?

Here’s a hypothetical look at what the future might hold for such an application…

1. Our application is developed in version 2 of a fictional JavaScript framework. Version 1 was well received but had some security and performance issues which have been resolved by a major rewrite. The fictional JavaScript framework leverages off a couple of other JavaScript frameworks.

2. Our application works great and gets a few enhancements over the next year or two.

3. Version 3 of the fictional JavaScript framework gets introduced and has some great new features and fixes some security and performance issues with version 2. There are some breaking changes from the previous version so our application code will need to be reviewed and migrated.

4. Our application is quite large, possibly with hundreds of thousands of lines of code, and reviewing and migration is a major project that we would rather not undertake.

5. Interest and support for version 2 of the fictional framework has dropped off and as version 3 was not well received another fictional framework has become the popular choice. It is strongly recommended not to use version 2 anymore because of security flaws in it and/or one of its dependencies. Because of this, and your development team are excited about using the new fictional framework, a rewrite is recommend.

Did I mention I still have Classic ASP and early .NET Web Forms applications out there in the wild and I don’t lose any sleep over them at all?

Related Posts

Web Development

A jQuery plugin for a fixed table of contents

by John Avis | October 12, 2018

Some long web pages have a handy feature where a table of contents are shown beside the content which remains fixed.

Web Development

How to add AJAX suggestions to yairEO's Tagify tag input component

by John Avis | May 25, 2018

yairEO's Tagify is a great implementation of a tag component, being very lightweight and using in-built browser behaviour where possible. Here's how I get get suggestions via AJAX rather than a fixed whitelist.

Web Development

10 things a web developer should be careful of

by John Avis | April 23, 2018

Here's ten things every web developer should be aware of and avoid.


There are no comments yet. Be the first to leave a comment!

Leave a Comment
ASP.NET Html Forms ASP.NET MVC ASP.NET Web Forms ASP.NET Web Pages Bootstrap C# Classic ASP Cool Websites Databases eBay and PayPal Electrical Repairs General Hardware HTML/CSS Jquery/Javascript Media Center Mobile Phones Responsive Web Design Reviews SEO and Social Networking Web Design Web Development Web Security web+db Website Hosting Windows XP Youtube

About me

...mostly about web development and programming, with a little bit of anything else related to the Internet, computers and technology.


Get the latest posts delivered to your inbox.