Steve Schofield's Blog

URLRewrite for IIS 7.0 released

Steve Schofield Weblog : IIS — Tue, 11 Nov 2008 02:21:00 GMT

IIS team has made the URL Rewrite Module for IIS 7.0 Release To Web (RTW) available for download. This is a final, production-ready release that is officially supported by Microsoft. Install the URL Rewrite Module for IIS 7.0 RTW today! Microsoft URL...(read more)

How to use Security Configuration Wizard in Windows Server 2008 to lockdown a server with IIS

Steve Schofield Weblog : IIS — Mon, 27 Oct 2008 03:09:00 GMT

This article contains tips, tricks and steps to use Security Configuration wizard (SCW) included in Windows Server 2008. I was recently working on locking down Windows Server 2008 with IIS. By default, Windows Server 2008 is more locked down than any...(read more)

IIS MVP for 2009

Steve Schofield Weblog : IIS — Thu, 02 Oct 2008 02:55:00 GMT

Got some great news today!! "Congratulations! We are pleased to present you with the 2009 Microsoft® MVP Award!" It's been awesome to be part of the IIS community. Since IIS 7.0 has come out, the IIS community continues to grow. It's fun sharing and learning...(read more)

IIS Team releases more cool modules

Steve Schofield Weblog : IIS — Sat, 13 Sep 2008 19:16:00 GMT

The IIS Team has been releasing some really cool modules of late. Check them out. Also, keep an eye on http://blogs.iis.net for all the latest news! URLRewrite module http://blogs.iis.net/ruslany/archive/2008/09/11/url-rewrite-module-go-live-release.aspx...(read more)

CDOSYS and Windows Server 2008, 80070005 Description Access is denied

Steve Schofield Weblog : IIS — Sat, 13 Sep 2008 02:24:00 GMT

I got a question from Bradley J. Dinerman about getting Aspmail working on Windows Server 2008. I've yet to figure out how to get AspEmail working on Windows Server 2008, I tried x64 and x86 of Windows Server 2008. I got the following error. Process monitor...(read more)

IIS6 to IIS7 migration tips / tricks.

Steve Schofield Weblog : IIS — Fri, 05 Sep 2008 02:39:00 GMT

Here are a few gotcha's that I personally came across both in the forums and migrations I've done from IIS6 to IIS7. A lot of the confusion I see in the forums is Classic ASP and 'native' applications using COM+ trying to move to IIS 7. A classic ASP...(read more)

URLScan 3.0 rtw (release to web) available

Steve Schofield Weblog : IIS — Thu, 21 Aug 2008 09:53:00 GMT

I have to give kudo's to the Microsoft IIS team for updating URLScan to help block automated sql injection attacks. Especially to Wade Hilmo and Nazim Lala . They have been very responsive when it came to involving the community (Thanks guys for the w3c...(read more)

Getting CDONTS to work on Windows Server 2008 x64

Steve Schofield Weblog : IIS — Tue, 19 Aug 2008 02:12:00 GMT

A few questions come up in the forums @ http://forums.iis.net about people moving Classic ASP applications that use CDONTS. CDONTS was introduced in NT4 and was widely popular. With the success of ASP applications 'back in the day', many used CDONTS to...(read more)

IIS7 - post #70 - IIS 7.0 podcast by Steve Schofield

Steve Schofield Weblog : IIS — Wed, 09 Jul 2008 02:48:00 GMT

I've listened to a lot of podcasts and never "until now" did a podcast. Craig Shoemaker approached me about doing a podcast. It was real easy! All I had to do was talk about the subject I've been involved with since December 2005, IIS 7.0. We introduced...(read more)

SQL Injection rule explaination how URLScan 3.0 scans requests

Steve Schofield Weblog : IIS — Fri, 27 Jun 2008 14:52:00 GMT

One of the things I was curious what URLScan actually scanned and how. What is just servervariables or what?! I asked Wade H from the IIS Team for further explaination. It is good to be aware when you are implementing URLScan 3.0 and sql injection rules...(read more)

URLScan 3.0 - help with sql injection attacks.

Steve Schofield Weblog : IIS — Wed, 25 Jun 2008 03:55:00 GMT

For those supporting a Classic ASP and ASP.NET application, you probably have noticed an increase in sql injection attempts. Microsoft has released an updated URLScan 3.0. Here is the link to download URlScan version 3 beta for 32 bit or 64 bit . You...(read more)

SQL Injection information for IIS admins and developers

Steve Schofield Weblog : IIS — Mon, 23 Jun 2008 04:51:00 GMT

The sql injection that has came up is affecting several ASP and ASP.NET applications. Although the only way to prevent an attack is validate the code, hopefully these posts will provide some direction. I included some links that discuss this more. http...(read more)

IIS 7 - post #68 - URL Rewrite module available

Steve Schofield Weblog : IIS — Fri, 30 May 2008 21:28:00 GMT

Exciting news for IIS 7.0 users. MS has released the much anticipated URL Rewrite module. Here is a post on it. http://learn.iis.net/page.aspx/460/using-url-rewrite-module/ Download the x86 CTP version for IIS 7.0: http://www.iis.net/downloads/default...(read more)

IIS7 - post #67 - New command line reference site http://appcmd.com

Steve Schofield Weblog : IIS — Sat, 24 May 2008 11:10:00 GMT

I'm not sure if humans are supposed to remember command line syntax. For me, the most frustrating part is remembering the syntax of a certain command line option. To help me remember these for future use, and hopefully share with the community. I created...(read more)

Early Christmas present in May - DFS file replication on Windows Server 2008 web edition

Steve Schofield Weblog : IIS — Thu, 15 May 2008 01:03:00 GMT

Whoo hoo! DFS replication is available on web edition. This will make shared config and local contention replication possible on web edition. This is a HUGE deal. http://blogs.technet.com/filecab/archive/2008/05/14/installing-dfs-replication-on-windows...(read more)