The question was asked: Given an asp.net application that in itself uses Forms Authentication, what is the best practice for securing a public-facing demo site such that nobody who is not in the "in crowd" can see the site at all? My answer was pretty cool, and I wanted to remember it someday when I had a similar question.  Up-vote it if you too think it's cool: Typically the "demo sites" are secured with Basic Authentication.  e.g. return a 401 to the browser with a basic authentication challenge that it turns into prompting for credentials.  In theory, once this is done, the...

ELMAH is an awesome error logging framework for ASP.NET.  It provides both an elegant way of capturing errors, and an elegant way of displaying them later.  It's available as a NuGet package, and is both Web Forms and MVC friendly. Generally, Elmah "just works" and you can walk away happy as a clam.  But there's times where you want to do custom error logging.  The general solution is to do something like this: ErrorSignal.FromContext(HttpContext.Current).Raise(ex, HttpContext.Current); The up-side is you can log anything you want then gently recover.  The down-side is you can't get the logged ErrorId.  Granted, based on your Elmah filters, maybe...