I’m perplexed when I hear that .net, php, and other programming languages are the best for web development. But they are not sure of its security! For that reason, I am starting this discussion for everyone who can answer my query.
Any language can be secure, and any language can be insecure. It all depends on the skills of the developers building the sites, using best practices towards security. And security isn’t limited to the server side. Client side security is just as important.
Do you have specific questions on any one aspect of security? Your question is overly broad to really be able to answer it well.
(I’ve moved this to “community” as it’s not specifically about the PHP language)
.Net is not a language. C# is typically the language used with .Net but there are many other languages that use .Net.
I assume your query is limited to websites. For websites the server is important, such as IIS, Apache and Nginx.
The subject of websites using .Net is complicated. They usually (as far as I know, always) use ASP.Net. There is ASP.Net Core. I do not know what ASP.Net is called that is not Core; as I said, it is complicated. ASP.Net Core is designed to provide portability; websites using it can be used in a server under Linux.
I believe that PHP provides much of what ASP.Net provides.
There are entire books about website security. A worthwhile discussion of website security would be extensive (big).