Dec 272013
 

Thanks to Microsoft’s Web Platform Installer (Web PI) installing IIS has never been so easy. Before using Web PI to install IIS became available,  you had to use the Server Manager to install the Web Server (IIS) role and then select various Role Services that you need to be enabled. Depending on your level of expertise this could be a challenging task with lots scrolling back and forth and click upon click to get things just right,  but now you can have IIS deployed with just 3 clicks of your mouse.

Install Web PI

If you’re not familiar with the Web PI, it is a powerful tool that can be used to install not only IIS but also SQL Server Express, Visual Web Developer, Express, PHP, WordPress, Umbraco, and many other 3rd party applications from the Windows Web Application Gallery. If you haven’t already done so first Download Web PI and install it. It’s free and has a small footprint of only 2 MB.

image

Select IIS Recommended Configuration

Once Web PI has been installed just launch the program . It will open to the Spotlight tab so just click on the Products tab and click Add next to IIS Recommended Configuration. If you don’t see it in the opening list just search for it. All you need to do after this is just click Install at the bottom of the window.

 

image

 

You may be curious as to what options are installed with the IIS Recommended Configuration. Here is what will be installed:

  • ASP.NET
  • Static Content
  • Default Document
  • Directory Browsing
  • HTTP Errors
  • HTTP Logging
  • Logging Tools
  • Request Monitor
  • .NET Extensibility
  • Request Filtering
  • Static Content Compression
  • ISAPI Extensions
  • ISAPI Filters
  • WAS Process Model
  • Management Console
  • WAS Configuration API
  • WAS .NET Environment
  • .NET 4.5 Extended with ASP.NET for Windows 8
  • .NET 3.5 for Windows 8

Before the installation starts you need to accept the license terms so just click I Accept.

image

 

The installation will run for a few minutes installing the essential features for IIS to work properly.

image

 

Once Web PI has completed installing IIS just click Finish.

image

 

Using IIS Manager

Your server is now ready for hosting web sites. Open IIS Manager and you’ll see the Default web site has been configured.

image

 

When you browse http://localhost you’ll see the familiar IIS Start Page.

image

This page is named iisstart.htm and appears in the Default Documents list above default.aspx so once you upload your web site files be sure to delete this page.

Next Steps?

Now that you have IIS installed what’s next? Well you’ll want to go back to Web PI and at least install FTP Publishing. Once you have FTP Publishing installed you want to look into configuring FTP User Isolation as well as using FTP over SSL for greater security when transferring content to and from your server. You may also want to look at installing Url Rewrite 2.0 from Web PI. Url Rewrite offers many ways to rewrite urls for SEO and perform 301 redirects as well as blocking page requests.

Summary

The Web Platform Installer (Web PI) is a powerful tool for deploying a wide variety of 3rd party applications such as WordPress and other popular CMS products but it can also be used to install IIS or even SQL Server Express on your server. The Web PI offers  unparalleled ease and convenience with installing applications on Windows servers. Thanks for reading.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
Oct 072013
 

When you need quick analysis of your traffic logs you won’t find an better tool than Microsoft’s free Log Parser. With Log Parser you can read a variety of log files including the Registry and Windows event logs. It’s ease of use comes from using SQL queries against your log file. You can get your data even faster by using multiple log parser queries in a batch file.

image

The other day I was helping someone who needed some “top 10” data from their site’s log. Since I had these in my trusty batch file I could provide the text reports within seconds. However, I like to offer a little more pizzazz when possible so this time I decided use Log Parser’s native charting capability to output the results with some nice charts.  As the saying goes a picture is worth a thousand words.

Here’s the query I used to create the chart above:

logparser.exe -i:iisw3c "select top 10 cs-uri-stem, count(*)  into top10requests.gif 
from <file> group by cs-uri-stem order by count(*) desc" 
-o:CHART -chartType:pieexploded3d -categories:off -chartTitle:"Top 10 Requests"

 

Installing Office Web Components

Charting is a native feature of Log Parser however there is a dependency for Office 2003 Add-in: Office Web Components. Depending on where you are running Log Parser the first time you try to output your query to a chart you may see this error message:

Error creating output format “CHART”: This output format requires a licensed Microsoft Office Chart Web Component to be installed on the local machine

If you didn’t see the error above then you’re all set but if you saw the error then it will be necessary to install the Office Web Components before you can start outputting charts. Once you’ve downloaded the file just accept the License Agreement and click Install.

image

The installation runs quickly. Click OK to close the window.

image

 

Example Log Parser Reports with Charts

Now you’re ready to start creating some colorful charts. The most useful parameters in my opinion are –chartType, –chartTitle, –categories, –values, and –legend. There are some 20+ chart types that you can choose from including:  Pie, PieExploded, PieExlpoded3D, LineStacked, Line3D, BarClustered, ColumnClustered, Smooothline. The default chart type is Line.  To see all the possible chart options run this simple command:

LogParser -h -o:CHART

To take your charts to the highest level of customization you can use an external configuration script with Jscript or VBscript . Take a look at the MSDN ChartSpace Object Model documentation for more information.

Here are a few different charts with various options.

image

logparser.exe -i:iisw3c "select top 10 cs-uri-stem, count(*)  into top10requests.gif 
from x.log group by cs-uri-stem order by count(*) desc" 
-o:CHART -chartType:pieexploded3d -categories:off -chartTitle:"Top 10 Requests"

 

 

image

logparser.exe -i:iisw3c "select top 10 sc-status, count(*)  into top10errorcodes.gif 
from x.log group by sc-status having sc-status not in ('200') order by count(*) desc" 
-o:CHART -chartType:column3d -categories:on -values:on -chartTitle:"Top Status Codes"

 

 

image

logparser.exe -i:iisw3c "select top 10 cs-uri-stem, count(*)  into top10_404.gif 
from x.log group by cs-uri-stem, sc-status having sc-status in ('404') order by count(*) desc" 
-o:CHART -chartType:BarClustered3D -values:on -categories:on -chartTitle:"Top 10 404 Status"

 

image

logparser.exe -i:iisw3c "select quantize(time, 60) as TimeGenerated, count(*) as Hits into 
hitsperminute.gif from %1 group by TimeGenerated" -o:chart -chartType:Line –chartTitle:"Hits per Minute"

 

 

 

image

 

logparser.exe -i:iisw3c "SELECT TOP 10 cs-uri-stem AS RequestedFile, COUNT(*) AS TotalHits, 
MAX(time-taken) AS MaxTime, AVG(time-taken) AS AvgTime into slow.gif from x.log 
where EXTRACT_FILENAME(cs-uri-stem) not in('%begin%') GROUP BY cs-uri-stem ORDER BY MaxTime, TotalHits DESC" 
-o:CHART -chartType:barclustered3d -values:off -categories:on -chartTitle:"Top 10 Slowest Requests"

 

In Summary

Microsoft’s Log Parser is a powerful tool for log file analysis. You can use it to analyze text files, csv files, Window’s event logs and even the Windows Registry.  You can make boring reports come alive with colorful charts.  There is a dependency on Office Web Components for charting to work but that is easily solved. Thanks for reading.

Jul 222013
 

Redirecting visitors on your site from one page to another is handled by using either a 301 redirect or a 302 redirect. The numbers 301 and 302 refer to the http status code that is returned by the web server to your browser. They may seem similar but they are quite different. A 302 indicates a temporary change and a 301 indicates a permanent change. This difference is important to understand and will impact how search engines see content changes on your site. There are a number of ways to implement a 301 redirect on your web site. Some are easier than others to configure and will depend on the version of IIS you are using. Here’s the story of how I recently had to use the global.asax and Application_BeginRequest to do a 301 redirect.

Unforeseen consequences of revoking a certificate

The other day I was helping someone who had revoked their site’s SSL certificate. They were no longer going to use SSL on their site so they figured revoking the certificate was a logical decision. Unfortunately what they had not realized was that the https:// url of their site had been indexed by most search engines and they were getting a lot organic traffic to their site using that url. By revoking the certificate many of their visitors were now seeing dire warnings in their browsers like the picture below instead of going to their site. This was not good.

image

 

Not being a technical person they figured that just removing the certificate from the site bindings would solve their problem. This was not a good idea. On the one hand it solved the problem with the browser security warnings being displayed but in fact it just caused a different problem. People were still accessing the https:// url of their site so instead of a security warning now they were just seeing an error. Using Fiddler you can see that a 502 error is generated when you try to access a site using https without having a binding for it.

image

 

The need for a redirect

We needed to take visitors accessing the https url of the site and send them to the http url of the site. This is the perfect application of using either a 301 or 302 redirect. However, here’s where things got a little more complicated. Ordinarily I would just use Url Rewrite or even a Url Rewrite Map to handle the 301 redirects. Unfortunately their site was hosted on IIS 6 so we couldn’t use Url Rewrite. Furthermore we only needed to redirect incoming requests using SSL. The site content was fine so page level redirects such as a meta tag refresh weren’t going to help in this case either.

Since the site was using .Net 2.0 I decided to use the Application_BeginRequest event in the global.asax. This is the first event in the HTTP pipeline change of execution when asp.net responds to a request. Using this event I created a conditional statement to test the HTTPS server variable to see if the request was being made using SSL or not. If the request was made with SSL then we would redirect it to the http url of the site as shown below. Bear in mind however that Response.Redirect’s default status is 302 –a temporary redirect. In my situation I needed a 301 permanent redirect so that search engines would drop the https url from their index. So I had to add the extra line of Response.StatusCode=301.

image

At this point I was pretty satisfied I had solved my friend’s problem. I had setup a test site with an SSL certificate and the redirect worked great. Unfortunately when I set it up on the live site (with the revoked certificate) nothing happened Sad smile.  It turned out that because the site’s certificate had been revoked, browsers weren’t actually loading the site which in turn meant the redirect wasn’t happening. There was only one way to solve this last piece of the puzzle and that meant putting in a valid SSL certificate again. So I created a Certificate Signing Request for my friend’s site and within minutes they had a new $9 RapidSSL certificate from Namecheap.com. Once a new certificate was bound to the site the https page requests started working again and then our custom 301 redirect in the global.asax was able to do it’s job.

 

Testing a 301 Redirect

Because I needed the redirect to be permanent I wanted to be sure it was really returning a 301 status. Checking the web site’s www logs would have confirmed this but that’s a bit cumbersome especially when a tool like Fiddler makes it so easy to check. Fiddler is a free web debugging tool. As one can see in the pictures below the redirect was in fact returning a 301 status code.

image

Here you can see the raw header and body of the request.

image

If you need to remove a url from a search engine’s index you can contact them directly:

https://support.google.com/webmasters/answer/164734?hl=en

http://www.bing.com/webmaster/help/how-can-i-remove-a-url-or-page-from-the-bing-index-37c07477

Please note that is is not a fast process and using a 301 permanent redirect is the best solution.

Summary

Sending traffic to a different location on your site can be accomplished using either a 301 permanent redirect or a 302 temporary redirect and this will ensure your search engine ranking isn’t impacted. There are many techniques to implement a redirect such as using Url Rewrite, meta tags, or even Response.Redirect. If you’re going to revoke an SSL certificate or remove one from your site, first be absolutely sure that there isn’t traffic using the certificate. Thanks for reading.

Dec 092012
 

The other day I was helping someone who was trying to configure a wildcard certificate on their Windows Cloud Server. Their server was running Windows 2008 R2 server using IIS 7. The were technically savvy and knew how to configure site’s on their own and install a regular SSL certificate but they were stuck trying to get a wildcard certificate configured properly.

They had quite a few site’s configured using subdomains such as support.domain.com, mail.domain.com, login.domain.com, etc. To tighten security they decided to use SSL to protect all these sites so they bought a wildcard certificate for *.domain.com. They installed the new certificate on the 1st site correctly but when they tried doing it on the 2nd site they couldn’t. IIS wouldn’t let them assign the certificate on the other sites using a shared IP address. Does this sound familiar? Here’s how you can solve it and it’s easier than you think.

Here are 4 site’s configured in IIS using host header xxx.domain.com with the same IP address.

image

 

After installing our wildcard SSL certificate we assign the binding on the first site.

image

 

Testing the site we see that the wildcard SSL certificate is working great.

image

 

Now we go to site #2 and try to assign our certificate. However we’re not able to enter a host name for site #2.

image

 

If we click OK and try to proceed we get a warning about the dire consequences of our actions. As soon as we try to access site #2 using SSL, IIS will actually stop site #1 which cause all kinds of issues for our users.

image

 

Now that we’ve seen the problem let’s the get to the solution. According to my friend, former coworker, and IIS MVP Scott Forsyth, it turns out that this is not a bug and the IIS team designed it to work this way. There are 2 ways to solve this particular issue when using a wildcard SSL certificate. One way is to simply execute the following app command for each binding that you need.

appcmd set site /site.name:”” /+bindings.
[protocol='https',bindingInformation=':443:']

This certainly works however I tend to have hard time remembering the syntax which leads us to the 2nd method which is in my opinion is far easier and has to do with how the wildcard SSL certificate was originally installed.

Remember back when you had just received the completed wildcard certificate from your SSL vendor? Like most IT people you were probably in a hurry when you installed it. Do you remember what you entered when you were prompted for a Friendly name before saving it? Chances are you just entered “domain.com” however what you should have specified is “*.domain.com”. Doh!

You can check this easily by looking at the certificate store in IIS Manager. If the Name column doesn’t show the * then you need to change it before it SSL binding on multiple sites will work properly.

image

 

So how does one change the Friendly name this after the certificate has already been installed? Open the MMC Snap-In for Certificates. Right-click on the certificate and change the Friendly name to *.domain.com. Save the changes and close out the MMC.

image

 

Now that the Friendly name has been changed to *.domain.com go back to IIS and try to add the SSL binding for site number #2 and now it works. Woohoo. Smile

image

 

Now you can add your wildcard certificate to as many subdomain host header sites as needed using only 1 IP and you don’t have to remember any programming syntax. I hope this helps and thanks for reading.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
Sep 132012
 

Before IIS 7, if you wanted to do url rewriting with IIS 6 you had to use a 3rd party program such as ISAPI Rewrite by helicontech.com. This was a good program but it wasn’t native to IIS and there were limitations such as a site hosting more than 1 domain with different applications running.

With IIS 7 url rewriting and redirecting has never been easier thanks to Microsoft’s Url Rewrite module. The rewriting is done by rules which are specified in the web.config under <system.webserver> element. Using IIS Manager you can use the Url Rewrite gui to create and maintain your rules.


You can also just put the rules directly into the web.config without using the gui. For example:

<system.webserver>
<rewrite>
<rules>
<rule name="xyz">...blah...</rule>
</rules>
<rewrite>
</system.webserver>

IIS 7 Url Rewrite WWW

One of the most common needs for SEO is to force your site to use www for all page requests so that search engines will go to www.mydomain.com instead of domain.com. This is very easy to do with IIS 7′s Url Rewrite. Here is the rule:

<rewrite>
<rules>
<rule name=”Redirect to www” patternSyntax=”Wildcard” stopProcessing=”true”>  
<match url=”*” />
<conditions>
<add input=”{HTTP_HOST}” pattern=”peterviola.com” />
  </conditions>
 <action type=”Redirect” url=”http://www.peterviola.com/{R:0}” />
</rule>
</rules>
<rewrite>

This works really well and it is a completely seamless experience for your web site visitors.  Here is how the rule looks in the IIS Manager gui.

IIS 7 Url Rewrite HTTP to HTTPS

Probably the 2nd most common use of Url Rewrite is for sites that have SSL certificates installed and need to seamlessly redirect page requests using the certificate for either the entire site or a particular folder. Here is the Url Rewrite rule for redirecting requests on the entire site. You simply detect if the request is not secure and then redirect to the secure channel:

<rewrite>
<rules>
<rule name="HTTP Redirect to HTTPS" enabled="true" stopProcessing="true">
<match url="(.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
</rules>
</rewrite>

IIS 7 Url Rewrite HTTP to HTTPS on Subfolder

The example above is great but running your entire site in HTTPS will have a performance impact so you don’t need to do it unless there is a specific business requirement for it. So then we need a rule to redirect requests to HTTPS for just one folder. In this example we’ll use a folder called “/secure”. In this instance we use the same rule as above however now we only want page requests for the “secure” folder. This is done by modifying the “match url” element.

<rewrite>
<rules>
<rule name="HTTPS on subfolder" enabled="true">
<match url="(^secure/.*)" ignoreCase="false" />
<conditions>
<add input="{HTTPS}" pattern="off" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}/{R:1}" appendQueryString="true" redirectType="Permanent" />
</rule>
<rules>
<rewrite>

We’ve covered 3 of the most common uses of IIS 7 Url Rewrite but if you notice the rules above are really for redirecting and not url rewriting. We’ll cover more examples on rewriting in an upcoming post.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS