Dec 28, 2008
This post is targeted at helping IIS Administrators understand how to setup FTP User Isolation and Active Directory together. There has been forum posts @ http://forums.iis.net regarding user isolation and Active Directory. It is pretty straight forward...
1 comments
Tags: IISActive Directory
Dec 27, 2008
Go to Inetmgr > ServerName > Request Filtering > Filename extensions. You can see all blocked extensions. Open a command prompt and type 'To allow c:\windows\system32\inetsrv\appcmd set config /section:system.webServer/security/requestFiltering...
1 comments
Tags: IISappcmd
Dec 24, 2008
Here are a few commands to set properties on IIS compression. c:\windows\system32\inetsrv\appcmd set config -section:urlCompression /doDynamicCompression:true c:\windows\system32\inetsrv\appcmd set config -section:system.webServer/httpCompression -[name...
1 comments
Tags: IIScompression
Dec 19, 2008
Custom Errors on IIS 7.0 and Classic ASP. In previous versions of IIS, there was a built-in error page called 500-100.asp. In IIS 7.0, this custom error page is not automatically listed. Here is a quick demo how I setup a couple ways to capture errors...
1 comments
Tags: IISASPClassic ASP
Dec 14, 2008
This post is targeted at helping IIS Administrators understand how Active Directory can be used by IIS web-farms. My goal is to help anyone looking to deploy IIS (in a web-farm scenerio) and use Active Directory as a authentication store. There are several...
1 comments
Tags: IIS
Nov 10, 2008
IIS team has made the URL Rewrite Module for IIS 7.0 Release To Web (RTW) available for download. This is a final, production-ready release that is officially supported by Microsoft. Install the URL Rewrite Module for IIS 7.0 RTW today! Microsoft URL...
1 comments
Tags: IIS
Oct 26, 2008
This article contains tips, tricks and steps to use Security Configuration wizard (SCW) included in Windows Server 2008. I was recently working on locking down Windows Server 2008 with IIS. By default, Windows Server 2008 is more locked down than any...
2 comments
Tags: IIS
Oct 01, 2008
Got some great news today!! "Congratulations! We are pleased to present you with the 2009 Microsoft® MVP Award!" It's been awesome to be part of the IIS community. Since IIS 7.0 has come out, the IIS community continues to grow. It's fun sharing and learning...
1 comments
Tags: IIS
Sep 13, 2008
The IIS Team has been releasing some really cool modules of late. Check them out. Also, keep an eye on http://blogs.iis.net for all the latest news! URLRewrite module http://blogs.iis.net/ruslany/archive/2008/09/11/url-rewrite-module-go-live-release.aspx...
2 comments
Tags: IIS
Sep 12, 2008
I got a question from Bradley J. Dinerman about getting Aspmail working on Windows Server 2008. I've yet to figure out how to get AspEmail working on Windows Server 2008, I tried x64 and x86 of Windows Server 2008. I got the following error. Process monitor...
4 comments
Tags: IISSMTP
Sep 04, 2008
Here are a few gotcha's that I personally came across both in the forums and migrations I've done from IIS6 to IIS7. A lot of the confusion I see in the forums is Classic ASP and 'native' applications using COM+ trying to move to IIS 7. A classic ASP...
1 comments
Tags: IIS
Aug 21, 2008
I have to give kudo's to the Microsoft IIS team for updating URLScan to help block automated sql injection attacks. Especially to Wade Hilmo and Nazim Lala . They have been very responsive when it came to involving the community (Thanks guys for the w3c...
2 comments
Tags: IISsql injection
Aug 18, 2008
A few questions come up in the forums @ http://forums.iis.net about people moving Classic ASP applications that use CDONTS. CDONTS was introduced in NT4 and was widely popular. With the success of ASP applications 'back in the day', many used CDONTS to...
3 comments
Tags: IISASPSMTPClassic ASP
Jul 08, 2008
I've listened to a lot of podcasts and never "until now" did a podcast. Craig Shoemaker approached me about doing a podcast. It was real easy! All I had to do was talk about the subject I've been involved with since December 2005, IIS 7.0. We introduced...
2 comments
Tags: IIS
Jun 27, 2008
One of the things I was curious what URLScan actually scanned and how. What is just servervariables or what?! I asked Wade H from the IIS Team for further explaination. It is good to be aware when you are implementing URLScan 3.0 and sql injection rules...
2 comments
Tags: IISsql injection