Securing ASP.NET MVC Application Checklist

Question

I am looking for a set of guidelines or a checklist that you can go over for securing a public ASP.NET MVC Website. I just want to make sure that I am not making any of the obvi

Answer 1

The below are general ASP.NET measures

1. Set Debug=false in web.config
2. Turn on custom error
3. Encrypt your cookies
4. Validate all inputs
5. Enable Request Validation
6. Encode your output