As you probably know SSL certificates use the https protocol to encrypt communication between your web browser and the web server hosting the web site you’re visiting. You can always tell when your session has been encrypted because your browser will display a lock icon near the address of the site in the browser’s location […]
- Home
- IIS
IIS
Resolving IIS WMSVC Underlying Connection Was Closed
IIS Manager Remote Administration is a handy tool for for a web server administrator when you have multiple servers to manage. This feature will save you the trouble of having to Remote Desktop into each server every time you need to touch IIS. With IIS Manager Remote Administration you can login to one server for […]
IIS, Windows Server 2008, Windows Sever 2012Using aspnet_regiis.exe to Encrypt Connection Strings
When it comes to securing IIS web applications on Windows Server 20008 R2 or Windows Server 2012 R2 one typically thinks of firewalls, access control lists (ACL), and using an application pool identity. These security measures will protect a site from external threats . However, .Net configuration files which typically store username and password data […]
asp.net, aspnet_regiis.exe, encryption, IIS, IIS7, IIS8Blocking SQL Injection with IIS Request Filtering
SQL Injection became a favorite hacking technique in 2007. Despite being widely documented for so many years it continues to evolve and be utilized. Because SQL Injection is such a well known attack vector, I am always surprised when as sysadmin I come across someone’s site that has been compromised by it. In most instances […]
IIS, IIS 7, IIS 8, Request Filtering, SQL InjectionManaging IIS Logs with GZipStream
Depending on how many sites your Windows web server is hosting maintaining IIS logs can be a challenge. IIS logs provide valuable insight into the traffic your sites are experiencing as well as detailed SEO metrics and performance data. A typical web server will have just enough free disk space for future growth needs but […]
asp.net, c#, IIS, IIS 7, IIS 83 Steps to Securing FTP on IIS 8
The FTP protocol is some 43 years old now. Yet it continues to be one of the most widely used file transfer technologies available. Over the years it has been shown to be vulnerable to brute force attacks, packet capture, and other attack vectors. Fortunately with IIS 8 on Windows Server 2012 your FTP server […]
FTP, FTP Logon Attempt Restrictions, FTP Over SSL, FTP User Isolation, IIS, IIS 7, IIS 8, Windows Server 2012Preventing Automated Attacks with IIS Dynamic IP Restrictions
Another one of the great built-in features of IIS 8 is Dynamic IP Restrictions (DIPR). With a few simple configuration steps you can quickly set limits for blocking IP addresses based on the number of concurrent requests or frequency of requests over a period time. With these parameters in place IIS will take over blocking […]
Dynamic IP Restrictions, Fiddler, IIS, IIS 7, IIS 8, Log Parser, StressStimulusSolving SQL Server High CPU with IIS Request Filtering
The other day I was troubleshooting 100% CPU utilization on a SQL Server 2008 database server. The server had 100 or so databases of varying sizes however none were larger than a few hundred MB and each database had a corresponding web site on a separate web server. Since the server hosted quite a few […]
DTA, IIS, IIS 7, IIS 8, Log Parser, SQL Injection, SQL ProfilerScaling SSL With IIS 8 Server Name Indication (SNI)
One of the many great new features with IIS 8 on Windows Server 2012 is Server Name Indication (SNI). SNI is a TLS extension that includes the hostname or virtual domain name during SSL negotiation. The reasoning behind this was to improve SSL scalability and minimize the need for dedicated IP addresses due to IPv4 […]
IIS, IIS 8, SSL, Windows Server 2012Installing WordPress, PHP, and MySQL on Windows Server 2012 R2
Microsoft’s Web Platform Installer (Web PI) makes installing applications a breeze. In a recent blog post I covered just how easy installing IIS has become using Web PI. In this walkthrough I’m going to cover installing WordPress, PHP, and MySQL using Web PI. I remember the days when installing these applications was a manual process. […]
IIS, IIS 8, PHP, Web PI, Wordpress