Installation, First Steps and
Important Information (Version 1.1)
My Web Pages Starter Kit is an ASP.NET 2.0 Content Management System. As a web application it enables users to set up and maintain web sites through a browser based administration interface.

The My Web Pages Starter Kit is composed of modules and is easily extensible. Administrators can unpack it directly on the server and start building web sites. Using Visual Studio or the Visual Studio Web Developer Express Edition, developers can easily customize and extend the features of the CMS.

This document explains how to set up My Web Pages Starter Kit and gives you hints on how to develop your own controls and extend the CMS.

For additional questions, news, releases and the project's news feed visit the My Web Pages Starter Kit project on Codeplex.com.
1 Running it locally
Extract all files contained in the ZIP file to your hard drive
- Launch Visual Studio 2005 or Visual Studio Web Developer Express
- Select "File->Open Web Site" to open the Web Site
- Hit F5 to launch the Web Site in your browser
(You do not really need to run the web application locally if you don't want to modify the kit. You may just unpack the files and publish them to your web host. See section 2)
2 Publishing to your web host
- The My Web Pages Starter Kit requires an ASP.NET 2.0 hoster (Selection)
Upload the files
  • Open a hosting account with a hoster who supports the Microsoft ASP.NET 2.0 web technology (Selection). In return the hoster will provide you the access data, which you need to maintain your website in your role as a webmaster.
  • Publish My Web Pages Starter Kit to your hoster by uploading all files (except the App_Data folder) to your hoster. This is usually done with an ‘FTP Client’. In order to do so you need the server name and your credentials for your account (username & password) from your hoster.
    Note: The App_Data folder is a special ASP.NET 2.0 folder and requires special permissions (Windows 2000: write privileges for the "ASPNET" account / Windows 2003: write privileges for the "Network Service" account and the additional right to read the attributes of the superior directories). If your hoster has already created this folder, do not overwrite it as you will lose these special permissions. If it does not exist, create it and ask your hoster to grant write access to the ASPNET user. Without these access permissions the MWPSK code is unable to store your information there.
  • My Web Pages Starter Kit requires at least medium trust (Learn more). Usually the hoster has already set the medium trust level in the machine.config file. Therefore this specification in the web.config file is commented out. We recommend you to uncomment this setting in the web.config file if you work with the My Web Pages Starter Kit locally to make sure that your additional code is compliant with the medium trust restrictions.
- Launch your web browser and type in the URL of your My Web Pages Starter Kit website. After a short delay, My Web Pages Starter Kit creates the initial data files in your App_Code folder and it will show you a default homepage.
- Change your administrator password by clicking on "Administration->User Management"
(Initial username is admin; initial password is: admin)
Log in as administrator (admin/yournewpassword)
- Configure your web site by clicking on "Administration->CMS Setup"
  • NOTE: As long as you did not specify a Smtp-Server or Mail Sender Address, all features and controls that send emails (like Password Reset, Contact Form, etc.) will not be available.
3 Architecture
3.1 UI Layer
ASPX Files are responsible for the rendering of the pages. User accessible pages are in the root directory, administration pages in the "administration" folder. Default.aspx handles the rendering of all customizable pages (i.e. those that can contain your own content and controls). Additionally, specific ASPX pages exist for website searches, Login and changing your password.

A My Web Pages Starter Kit page can contain so-called sections, which are UserControls (learn more) derived from SectionControlBaseClass. For a control to be able to be used in My Web Pages Starter Kit, it must meet the following criteria:
  • Inherit your control from My Web Pages Starter Kit.Controls.SectionControlBaseClass
  • Together with your section control, you should always create a class that contains the business logic and the data for the particular section (also see below, Data Access Layer).
3.2 Business Logic
Standard classes: Keep in mind not to use them as data objects, and don't embed layout/UI code into them.
3.3 Data Access Layer
ASP.NET 2.0 in Medium Trust mode (and thus My Web Pages Starter Kit) is allowed to write files in App_Data. The generic class "Persistable" simplifies the data access.

In order to make a new section (let's call it MySection) that persist its data, you must derive your class from Section<T>, where <T> is MySection.MySectionData
Your class declaration should then start as follows:
class MySection : Section<MySection.MySectionData>

The MySectionData-Class must be an inner class of MySection. All the fields you want to be persistent must be put into that inner class as public members. In your MySection-class you can then access all the members of the inner class by using the _data-member inherited from Section<T>. If you create an instance of your section and pass a unique identifier to the constructor, the data corresponding to that id is automatically loaded out of the App_Data folder and you can access it by using the _data-member.

If at some point in your code, you want changed values to be persisted back into the App_Data folder, you can call the SaveData() method of your section (inherited from Section<T>).

A good starting point for developing your own sections is the HtmlContent section delivered with My Web Pages Starter Kit as it shows you the most basic principles in very few lines of code.
4 Things to remember for security reasons
4.1 Webmaster
As a webmaster, you should remember the following important things:
  1. Please change the 'admin' password as a first action after deployment of your My Web Pages Starter Kit Website.
  2. Log in as admin and set the smpt server (you get this from your hoster) and set your email address for the admin account.
  3. Subscribe to the My Web Pages Starter Kit newsfeed, as it may provide critical security notifications.
  4. Evaluate safety of the shared hosting environment before selecting My Web Pages Starter Kit and a hosting environment and an account type
    1. Don't store personal information on a website in shared hosting environment, as for example:
      • personal data of other people
      • health information
      • credit card information
    2. Evaluate whether a shared hosting infrastructure is safe enough for your purpose.
    3. Evaluate whether unencrypted communication is reasonable (usernames, passwords)
  5. Backup your data on a regular base by downloading the content of the App_Data folder via FTP.
  6. Assign clear responsibilities for maintenance of your homepage:
    1. Who receives security issue notifications?
    2. Who does regular backups?
4.2 Developer
As a developer, you should remember the following important things:
  1. Do not modify the way passwords are hashed.
  2. Do not extend the software in a way, which encourages storage of sensitive information, which is not protected enough in shared hosting environments, as there are:
    • personal data of other people
    • health information
    • credit card information
  3. Consider security best practice when extending and modifying the kit.
  4. Make sure you have subscribed the My Web Pages Starter Kit newsfeed to receive the latest news in case of a security issue.
  5. Keep track on the people for whom you have changed/extended/deployed My Web Pages Starter Kit and which you may want to notify them if a security issue appears
  6. Make sure you always have a copy of your source code, as you may need to test or integrate changes based on security fixes in the future.
5 Configuring IIS for the Silverlight gallery
As long as XAML is not defined as a MIME type in IIS, the Silverlight plug-in can not be loaded correctly. To be able to display the Silverlight gallery, please configure your IIS as follows: (These steps are not necessary if you use IIS 7.0 or higher, since the XAML MIME type is already defined in this version.)
  1. Choose your website in IIS
  2. Open the context menu and choose "Properties"
  3. Select the register "HTTP-Header"
  4. Click on the button labeled "MIME Types..."
  5. If .xaml is not yet listed as a type, choose "New"
  6. Enter the following description:
    Extension: .xaml
    MIME type: application/xaml+xml
  7. Click "Ok", then choose "Apply"
Learn more