SQL Injection became a favorite hacking technique in 2007. Despite being widely documented for so many years it continues to evolve and be utilized. Because SQL Injection is such a well known attack vector, I am always surprised when as sysadmin I come across someone’s site that has been compromised by it. In most instances […]
- Home
- Posts tagged "IIS 7"
Posts tagged "IIS 7"
Managing IIS Logs with GZipStream
Depending on how many sites your Windows web server is hosting maintaining IIS logs can be a challenge. IIS logs provide valuable insight into the traffic your sites are experiencing as well as detailed SEO metrics and performance data. A typical web server will have just enough free disk space for future growth needs but […]
asp.net, c#, IIS, IIS 7, IIS 83 Steps to Securing FTP on IIS 8
The FTP protocol is some 43 years old now. Yet it continues to be one of the most widely used file transfer technologies available. Over the years it has been shown to be vulnerable to brute force attacks, packet capture, and other attack vectors. Fortunately with IIS 8 on Windows Server 2012 your FTP server […]
FTP, FTP Logon Attempt Restrictions, FTP Over SSL, FTP User Isolation, IIS, IIS 7, IIS 8, Windows Server 2012Preventing Automated Attacks with IIS Dynamic IP Restrictions
Another one of the great built-in features of IIS 8 is Dynamic IP Restrictions (DIPR). With a few simple configuration steps you can quickly set limits for blocking IP addresses based on the number of concurrent requests or frequency of requests over a period time. With these parameters in place IIS will take over blocking […]
Dynamic IP Restrictions, Fiddler, IIS, IIS 7, IIS 8, Log Parser, StressStimulusSolving SQL Server High CPU with IIS Request Filtering
The other day I was troubleshooting 100% CPU utilization on a SQL Server 2008 database server. The server had 100 or so databases of varying sizes however none were larger than a few hundred MB and each database had a corresponding web site on a separate web server. Since the server hosted quite a few […]
DTA, IIS, IIS 7, IIS 8, Log Parser, SQL Injection, SQL ProfilerInstalling IIS on Windows Server 2012 with Web PI
Thanks to Microsoft’s Web Platform Installer (Web PI) installing IIS has never been so easy. Before using Web PI to install IIS became available, you had to use the Server Manager to install the Web Server (IIS) role and then select various Role Services that you need to be enabled. Depending on your level of […]
IIS, IIS 7, IIS 8, Web PI, Windows Server 2008, Windows Server 2012Enhancing Log Parser Reports with Charts
When you need quick analysis of your traffic logs you won’t find an better tool than Microsoft’s free Log Parser. With Log Parser you can read a variety of log files including the Registry and Windows event logs. It’s ease of use comes from using SQL queries against your log file. You can get your […]
IIS, IIS 7, IIS 8, Log Parser, Windows Server 2008, Windows Server 2012Using Application_BeginRequest for a 301 Redirect
Redirecting visitors on your site from one page to another is handled by using either a 301 redirect or a 302 redirect. The numbers 301 and 302 refer to the http status code that is returned by the web server to your browser. They may seem similar but they are quite different. A 302 indicates […]
301 redirect, asp.net, c#, IIS, IIS 6, IIS 7, SEOUsing Wildcard SSL Certificates on IIS 7
The other day I was helping someone who was trying to configure a wildcard certificate on their Windows Cloud Server. Their server was running Windows 2008 R2 server using IIS 7. The were technically savvy and knew how to configure site’s on their own and install a regular SSL certificate but they were stuck trying […]
IIS, IIS 7, SSLIIS 7 Url Rewrite Rules for SEO and Security
Before IIS 7, if you wanted to do url rewriting with IIS 6 you had to use a 3rd party program such as ISAPI Rewrite by helicontech.com. This was a good program but it wasn’t native to IIS and there were limitations such as a site hosting more than 1 domain with different applications running. \r\n With IIS 7 […]
IIS, IIS 7, Url Rewrite