I'm currently tasked with fixing an issue where a second IIS server is reflecting the connection from the first IIS server when the IIS interface is loaded up. The first server was configured by someone who didn't really know what he was doing and he asked me to create a second IIS server that's on the same domain, but not connected to the first IIS server. Any help would be greatly appreciated. Thanks!
↧
Second IIS Server reflecting connection from 1st Server only
↧
Encode/Decode questions
I'm using Visual Studio 2017 and SQL Server 2014, VB.
I have built in the ability for the program to notify me by email when certain conditions exist. No problem with that but now I would like to find a way to hide the email account name and password so users can't access that information on their own by viewing and of the code or web configuration files. This implies it should be placed in the database file and encrypted/decrypted at time of use. Does anyone have experience doing anything like this and be willing to point me in the right direction so I can get started? Any help, links to research articles, etc. will be greatly appreciated.
Thanks!
</div>
↧
↧
301,302 Custom Response Message
Is there a way in IIS of customizing the 301,302 response body?
For example when you access the site without a document name the server responds with a 301 Moved Permanently. Unfortunately it also includes the response content:
<head><title>Document Moved</title></head><body><h1>Object Moved</h1>This document may be found <a HREF="http://example.com/example/">here</a>
</body>
Where the host above (example.com) seems to be taken from the request header Host: example.com. So even though the this site actually blocks forged headers (through code) the redirect (to an error page) includes the above (with a 302) and would include any forged header. A 3rd party that provides pen testing lists this as a security vulnerability (which I concur) but I don't seem to have any control over this in IIS.
↧
IIS state after upgrade from server 2008r2 to 2012r2
Hello,
I wanted to know if an in-place upgrade from server 2008r2 to server 2012r2 breaks anything within IIS? I have a few sites in my IIS role on 2008r2 and want to make sure when I upgrade to 2012r2, that all will work as it should? Please advise.
↧
HTTP Handler is not working in managed pipeline mode Classic
Hi all
I am working on an application which requires to have an HTTP Handler for handling a .pdf File
The handler's configuration in web.config file is as followed,
<system.webServer>
<handlers accessPolicy="Read, Script">
<add name="FilePdf" path="*.pdf" verb="*" type="ComplianceMonitor.TestingHandler" resourceType="File" modules="IsapiModule" scriptProcessor="C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64"/>
</handlers>
</system.webServer>
but the problem is that the handler is not working on classic managed pipeline mode, Did I miss something here?
As per the client requirements, we need the handler to work in Classic mode only
Any suggestions.?
Your help is most appreciated
thanks in advance
↧
↧
Application pool identity and certificate issue
Hello,
Hopefully this is posted in the right spot. We are having trouble with a 2 way SSL setup with our customer. We pinned the problem down to our application pool user and the certificate on our end. So here's the issue: From the tracing our customer and us did, we found out that the 2 way ssl process we have setup works up to the point at the end where we have to send our cert over to them. That's the problem, it is not sending our cert over to them. All of our application pools use a domain service account to talk back to our sql backend. This is how we had it setup during testing. We decided to remove that domain user and just use local system as the user for it, and it was then able to complete the 2 way ssl process successfully. The only issue is that now it couldn't talk to the sql backed because we removed that user.
So my issue is how to retain that domain service user and have it pass on the cert stuff the other side needs. What I have tried to fix this issue is two things. First I logged on with the domain service account user and installed the cert under it (I also made that service user a local admin on the machine). I also tried to take our cert under the computer account and gave full control security permissions to the domain service account, IIS_IUSRS, and even Everyone, by changing "manage private keys for it. Both of these attempts did not fix the issue.
So how can I get our domain service account to grab this cert and send it over to the client? Any help would be much appreciated.
Thanks
↧
IIS6 - Bad Request Hostname Invalid
Hi,
I am in the process of moving a web app over onto Windows Server2012, but before i can do that, a previous programmer put a website in a folder under our website and kept using our main website name/the folder name to load up this other web application, which means we cant just swap servers due to us not knowing if he's done any hardcoding on foldernames etc.. so we're leaving his code where it is for now until we get some time to go through it and see what he's done.
So - I've got a new domain name just for his code, its pinging to the server so I know that is all fine (server is win2003) but before I can move the main website, I need to make sure his website will run on its own using that domain name we purchased.
Once his website runs via the new domain, I can switch off the current main website and enable the WS2012 version, job done.
I know IIS can handle multiple websites, under the same port - but for some reason, this new website, set up as a duplicate of our original, (aside from host headings, which are with and without the www prefix to the domain address) just keep giving us Bad Request (Invalid Hostname).
Both sites work from port 80 - the main website still runs fine - just the additional one seems to be giving us the Bad Request error.
Im pretty stuck on what to do as I know the hostname is correct, someone please help! :)
↧
Getting error 403 setting up Citrix Netscaler to forward http requests to Skype FE servers
Can't figure out if this is an IIS thing with 2012 R2 or a Skype for Business thing, but I am posting it here in the hopes that someone else with SFB and a load balancer ran into the same problem.
We use Citrix Netscalers and part of our migration from Lync 2013 to SFB 2015 is updating our load balancer and replacing the Lync FE servers in our Service Groups on the Netscaler with SFB FE servers.
We immediately started getting 403 errors so there is something different in IIS on 2012 R2 than 2008 R2 which our Lync servers run.
If you try to browse to at SFB FE running 2012 R2 on either port 80 or 443, you get the error below:
Server Error
403 - Forbidden: Access is denied
You do not have permission to view this directory or page using the credentials that you supplied.
It works just fine on the Lync 2013 running 2008 R2 so what is different or needs to be done on 2012 R2 to get this to work? We noticed that enabling Directory Browsing on the External and Internal sites in IIS makes the error go away but not sure if this is the correct way to handle this problem. Hoping someone could help. All the load balancer does is take URL's like meet.domain.com and funnel them to 3 different Skype FE servers. When we try to establish a new connection to our SFB FE servers, we get the error above so it can't even talk to IIS.
↧
IIS 8 and web hosting
Hello Team,
TBH, I have new in IIS.
We have IIS 8 running on windows server 2012 R2. I recently updated the server certs for two siteswww.xxx.org and www.yyy.org
After updating the certs, I am able to browse www.xxx.org internally and externally just fine but when i try to browsewww.yyy.org from expternally it is unreachable. www.yyy.org internally works just fine.
When I check www.yyy.org here https://www.digicert.com/help/ it says unable to connect.
Here are the settings of bindings.
for www.xxx.org
Type: https
IP add: All Unassigned
POrt: 443
Hostname: www.xxx.org
SSL cert: xxxxxx
for www.yyy.org
Type: https
IP add: All Unassigned
POrt: 443
Hostname: www.yyy.org
checked box Require Server Name Indication
SSL cert: xxxxxx
I am also gettings this message: No default ssl site has been created to support browsers without sni capabilities, it is recommended to create a default ssl site.
I appreciate your time and effort.
Thanks,
↧
↧
Generate Line Chart (3 lines) from a CSV file
Hello,
CSV file A
Date, Place, Level
12/6, A site, 12.435
13/6, A site, 53.454
14/6, A site, 1.545
12/6, B site, 43.456
13/6, B site, 14.542
14/6, B site, 21.512
12/6, C site, 12.212
13/6, C site, 2.321
14/6, C site, 32.514
I have a CSV file like the one above.
I would like output a line chart, with 3 lines, one of A, one for B and one for C
X-axis would be Date, and Y-axis would be Level.
If the CSV file is organized as below, I could generate the chart I want easily
CSV file B
Date, A Site, B Site C Site
12/6, 12.435, 43.456, 12.212
13/6, 53.454, 14.542, 2.321
14/6, 1.545, 21.512, 32.514
Would anyone advise on plotting the graph directly from CSV file A, or a method to convert file A to B?
I am a newbie of Log Parser, just use it for one week
Regards,
Eric
↧
Does Management UI extension work via remote connection?
Hi there,
If I want to implement my custom IIS Manager Module (using .NET) that extends Management UI (let's say brings a custom ModulePageInfo) how can I make it work when connecting to remote IIS on another box? Is it even possible?
The idea is that I want UI Extension where I can right-click on a website to do some stuff. But I want to install it once on my local machine (to extend my local IIS Manager), and then connect to remote IIS (machines) and use it against remote web sites.
Best Wishes,
- Oleg
↧
I need your help
Hello, I need your help, thank you!
--------------------------------------------------------------------------------------------
<rule name="cba">
<match url="^/([0-9]{1,3})/$" ignoreCase="true" />
<action type="Rewrite" url="/baby/0/{R:1}/" appendQueryString="false" />
</rule>
url:
localhost/baby/0/456/
Rewriting:
localhost/baby/456/
This can be used
--------------------------------------------------------------------------------------------
localhost/baby/1/1567/
localhost/baby/2/2678/
localhost/baby/3/3789/
Rewriting:
localhost/baby/1567/
localhost/baby/2678/
localhost/baby/3789/
This is not available, (Subdirectory:1,2,3, It's 1000 redundancy.,) {C:1} Unrecognized “/1/”“/2/”“/3/”
<rule name="abc">
<match url="^/([0-9]{4,5})/$" ignoreCase="true" />
<action type="Rewrite" url="/baby/{C:1}/{R:1}/" appendQueryString="false" />
<conditions>
<add input="{REQUEST_FILENAME}" pattern="/([0-9]{1,2})([0-9]{3})/$" />
</conditions>
</rule>
What's wrong with my rule? Or can these two rules be merged into one rule? Thank you!
↧
Read Environment Variable in Rewrite Rule?
I want to restrict access to a non-production ASP.NET Core website. The ASP.NET Core website has the "ASPNETCORE_ENVIRONMENT" environment variable set to "Staging". Can the value of "ASPNETCORE_ENVIRONMENT" be used in IIS rewrite rule? The following rule is not working:
<rule name="Restrict access if the site is not production" stopProcessing="true"><match url=".?" /><conditions><add input="{APP_WARMING_UP}" pattern="1" negate="true" /><add input="{HTTP_HOST}" pattern="^localhost$" negate="true" /><add input="{ASPNETCORE_ENVIRONMENT}" pattern="^Production$" negate="true" /></conditions><action type="CustomResponse" statusCode="403" statusReason="Forbidden" /></rule>
↧
↧
IIS 8.0 keep asking credential for google chrome | IE works fine
We have few web server and all are working fine
but newly created server with same web application having some issue with google chrome while authenticating
We have added out site into trusted-sites in IE settings and IE works fine but google chrome keep asking credential not able to find out solution for the same.
↧
IIS 6 Management Compatibility Dependency for Installer
Hi,
We have a Web installer Project and we are able to create the package and install using the package only when IIS 6 Management Compatibility" windows feature turned on.
we are not able to install the package when "IIS 6 Management Compatibility" windows feature is turned off.
Let me know how to eliminate the dependency on "IIS 6 Management Compatibility" windows feature.
Or is there any workaround to achieve this.
Thanks,
Raja.
↧
Problem with url in IIS
Hi,
I have a Windows Server 2008 R2 with IIS 6.2 with a default website published.
I have a url that is binded to the webserver, and when I access http://www.siteurl.com I can reach the default page.
But I have a subfolder that I need to access a website but through url (www.siteurl.com/abc/def).
When I go with IP (internal - 192.168.x.x/abc/def or external - 111.111.111.111/abc/def), I can reach the webpage, but when I try http://www.siteurl.com/abc/def from outside I get an error that "The requested URL /abc/def/ was not found on this server.".
This is driving me crazy...
What can this be? What o I need to do to fix this dns/url/whatever misconfiguration?
Thanks a lot.
BM
↧
IIS 6.0 (Server 2003) to IIS 8.5 (Server 2012 R2)
Hello!
I have been banging my head against my desk for the past couple weeks trying to figure out why I cannot migrate my IIS 6.0 (Server 2003) webwsites to IIS 8.5 (Server 2012 R2) using the MSDEPLOY tool.
I've used mostly used this blog post - https://blogs.msdn.microsoft.com/ericparvin/2014/09/12/migration-from-iis-6-to-iis-7-x-8-x/ - and due to our environment, I really need to be able to use the PUSH or PULL method to sync the servers. These servers are on the same subnet/workgroup and am logged in as a local administrator on both but I cannot get them to sync.
Running this code.....
msdeploy -verb:sync -source:metakey=lm/w3svc/123456 ^
-dest:metakey=lm/w3svc/123456,computername=IPADDRESS -whatif
I get this error....
Error Code: ERROR_USER_NOT_ADMIN More Information: Connected to 'IPADDRESS' using the Web Deployment Agent Service, but could not authorize. Make sure you are an administrator on 'IPADDRESS' Error: The remote server returned an error: (401) Unauthorized
Now as I mentioned, these servers are not on the domain and therefore I can't use domain admin credentials. How can I give permission to either push/pull and migrate to IIS 8.5?
↧
↧
IIS php soap webserver works until 40kb
Hi guys, I have a big problem with a web service soap in php 7.2. everything works very well with requests up to about 40kb. With requests above this dimension, usually with attached PDFs, the request remains pending until the timeout. Of these timeouts I can not find a trace in the failed request trace. In the c: / windows / temp folder I also find all these requests of various sizes, from 40kb to few mb truncated in the last lines of the file. I raised all the possible values in the configuration editor, but I could not solve it
EDIT: Wrong section, i ve IIS 8.5 and windows server 2012R
↧
Clarify about IIS thread
Hello,
I'm trying understand the IIS 8.5 behavior with my SPA app and is not asynchronous.
After read the articles:
https://docs.microsoft.com/en-us/dotnet/framework/configure-apps/file-schema/web/applicationpool-element-web-settings
https://docs.microsoft.com/pt-br/dotnet/standard/threading/the-managed-thread-pool
https://blogs.msdn.microsoft.com/tmarq/2007/07/20/asp-net-thread-usage-on-iis-7-5-iis-7-0-and-iis-6-0/
https://support.microsoft.com/en-us/help/821268/contention-poor-performance-and-deadlocks-when-you-make-calls-to-web-s
https://fullsocrates.wordpress.com/2013/02/28/asp-net-threads-thread-parameters-in-iis-worker-processes-2/
https://blogs.msdn.microsoft.com/webtopics/2009/02/13/asp-net-hang-in-iis-7-0/
https://fullsocrates.wordpress.com/2013/02/28/asp-net-threadstuning-thread-parameters-12-2/
I understand that, my application can accept 5000 simultaneos request . but my hardware have 2 core and 2 threads,Will these requests be processed in parallel?
Can i increase the thread minimum parameters?
Because when I start the vm and put it behind the loud balancer, the worker proccess enqueue much request, after some minutes all request is answer in seconds. But until the answer the customers are waiting (withe screwn).
↧
MS FTP server on Windows 2016 not responding the same way 2008 servers do to Passive requests.
Hi There; thanks for reading, We have recently been upgrading our Windows Server machines to Windows Sever 2016 with FTP server on IIS 10.0 and noticed that when our current perl scripts (ver. 5.16.3) - running on redhat 7.1 - tries (on a passive connection) to get a nonexistent file from the Windows server, server won't respond with a normal "The file <fname> does not exist on the FTP server" message and instead it says: "Can't use an undefined value as a symbol reference at /usr/share/perl5/Net/FTP/dataconn.pm line 54."
- Please note that we are not planning to make any changes to our current ( more than 20 production products ) on redhat so upgrading the perl libraries to ver 5.18.* or even one liner change of making the connection an active connection is not possible.
Wondering if anybody knows about this issue or if there is any configuration that needs to be tweaked to get this thing to work.
Regards;
Sean
↧
