iis - Sysadmins of the North

Redirect HTTP to HTTPS

In this post I provide you various HTTP to HTTPS redirection methods, for Windows Server IIS and Linux Apache. Use these examples to your advantage to secure the traffic between your visitors and your website.

Published on Friday, 13 March 2015

Joomla websites abused as open proxy for Denial-of-Service attacks

Joomla websites using the Googlemaps plugin for Joomla are actively abused as open proxy for launching Denial-of-Service (DoS) attacks. Even though the Googlemaps plugin vulnerability plugin_googlemap2_proxy.php was released over one and a half (1,5) years ago, I still see these DoS-attacks happening on a regular basis...

How to set a good PHP realpath_cache_size

Learn how to optimize PHP performance by checking and setting PHP realpath_cache_size

Published on Thursday, 23 October 2014

Conditionally start Application Pools on remote IIS web servers

In this article you'll learn how to start all stopped application pools that have the ApplicationPool.AutoStart property set to $True using AppCmd.exe or PowerShell. This is something you often or occasionally have to perform on various servers, for example when an application pool hangs.

Published on Thursday, 11 September 2014

Custom PHP version on IIS Express and WebMatrix 3

PHP 7 with OPcache in IIS Express for Microsoft WebMatrix 3, learn how to create your own PHP development environment easily with Microsoft WebMatrix and IIS Express and your own custom PHP version.

Published on Tuesday, 19 August 2014

Mod_evasive on IIS

Website DDoS protection with mod_evasive. Mod_evasive is a module for Apache and Windows Server IIS (using Helicon Ape). It provides protection and evasive action in the event of an HTTP DoS-, DDoS or brute force attack. Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denies an IP address access to a website if it's requesting the same page more than 10 times a second. This is configurable.

Remove IIS Server version HTTP Response Header

Windows Server IIS loves to tell the world that a website runs on IIS. It does so with the `Server:` header in the HTTP response, as shown below. In this post I'll show you how to remove HTTP response headers in Windows Server IIS. You don't want to give hackers too much information about your servers, right?.

Published on Sunday, 6 July 2014

.svc WCF web service returns 404 Not Found on IIS 8

When a Windows Communications Foundation (WCF) web service returns a 404 Not Found error, after installing the HTTP-Activation feature in IIS, you might need to add an extra Handler to your IIS configuration.

Published on Monday, 30 June 2014

Send email with Ghost using SMTP authentication and TLS encryption

Ghost Publishing platform uses Nodemailer to send e-mails with Node.js. It can send e-mail using SMTP, sendmail or Amazon SES and is Unicode friendly. As you know, more and more web hosting providers require SMTP authentication (often abbreviated as SMTP AUTH) and a TLS encrypted connection to send email. Here you'll find some script examples to Send secure SMTP email from your website.

Export and migrate WordPress to Ghost

I wanted migrate from WordPress to Ghost, but failed. Here's the write up.

Published on Monday, 16 June 2014

Newer

Older

windows-server (112) iis (80) powershell (77) php (55) wordpress (47) mysql (36) windows (34) performance (28) linux (23) web.config (23) Website (22) htaccess (20) aspnet (19) url-rewrite-module (19) sql-server (18) bash (18) optimization (18) ssl (17) plugin (13) windows-10 (12) gnu-linux (12) devops (11) monitoring (11) security (10) appcmd (10) wsl (9) smtp (9) wincache (9) wmi (8) zabbix (8) windows-update (8) opcache (8) openssh (7) database (7) dism (7) iis-60 (7) sysops (6) wsus (6) apache (6) hyper-v (6) virtualization (6) spam (6) functions-php (6) classic-asp (6) ddos (6) password (5) email (5) active-directory (5) umbraco (5) joomla (5) command-line (5) application-pool (5) blacklist (5) t-sql (4) wql (4) https (4) group-policy (4) backup (4) connector-net (4) debug (4) logparser (4) network-adapter (4) dns (4) query_cache (4) ghost (4) iisnode (4) node-js (4) vbscript (3) windows-firewall (3) brute-force (3) ftp (3) postfix (3) forensics (3) benchmark (3) xss (3) disk-cleanup (3) disk-space (3) sql-injection (3) openssl (2) net-core (2) visual-studio (2) windows-defender (2) rdp (2) connector-odbc (2) c (2) mysqldump (2) xml-rpc (2) smb (2) cross-site-scripting (2) innodb (2) httpbl (2) centos (2) magento (2) denial-of-service (2) deployment (2) windows-deployment-services (2) mysqli (2) open-xchange (2) waf (2) web-application-firewall (2) code-base (1) windows-11 (1) ipv6 (1) networking (1) sqlce (1) tinymce (1) Prianha-CMS (1) kvm (1) http-3 (1) quic (1) wmsvc (1) database-mirroring (1) service-principal-names (1) spn (1) jetpack (1) api (1) kms (1) elasticsearch (1) red-hat (1) varnish-cache (1) dhcp (1) jquery (1)