Contents tagged with Windows Server 2008
-
Resolving IIS WMSVC Underlying Connection Was Closed
IIS Manager Remote Administration is a handy tool for for a web server administrator when you have multiple servers to manage. This feature will save you the trouble of having to Remote Desktop into each server every time you need to touch IIS. With IIS Manager Remote Administration you can login to one server for [...]
-
Using aspnet_regiis.exe to Encrypt Connection Strings
When it comes to securing IIS web applications on Windows Server 20008 R2 or Windows Server 2012 R2 one typically thinks of firewalls, access control lists (ACL), and using an application pool identity. These security measures will protect a site from external threats . However, .Net configuration files which typically store username and password data [...]
-
Blocking SQL Injection with IIS Request Filtering
SQL Injection became a favorite hacking technique in 2007. Despite being widely documented for so many years it continues to evolve and be utilized. Because SQL Injection is such a well known attack vector, I am always surprised when as sysadmin I come across someone’s site that has been compromised by it. In most instances the site was compromised because of not properly validating user data entered on web forms. Classic ASP sites using inline SQL queries with hardcoded query string parameters are especially vulnerable. Fortunately regardless of a site’s potential programming weaknesses it can still be protected. In this walkthrough I will cover how to protect your site from SQL Injection using IIS Request Filtering.
-
Managing IIS Logs with GZipStream
Depending on how many sites your Windows web server is hosting maintaining IIS logs can be a challenge. IIS logs provide valuable insight into the traffic your sites are experiencing as well as detailed SEO metrics and performance data. A typical web server will have just enough free disk space for future growth needs but ultimately will be limited by the capacity of drives in the server. If left unmonitored IIS logs can quickly fill any remaining disk space on the server. There are a few 3rd party tools that are good at compressing log files when they are under one parent folder but when the log files are in different locations such as on a WebsitePanel server I support an alternative solution is needed. In this walkthrough I will demonstrate how I solved this challenge using asp.net and GZipStream.
-
Installing IIS on Windows Server 2012 with Web PI
Thanks to Microsoft’s Web Platform Installer (Web PI) installing IIS has never been so easy. Before using Web PI to install IIS became available, you had to use the Server Manager to install the Web Server (IIS) role and then select various Role Services that you need to be enabled. Depending on your level of expertise this could be a challenging task with lots scrolling back and forth and click upon click to get things just right, but now you can have IIS deployed with just 3 clicks of your mouse.
-
Enhancing Log Parser Reports with Charts
When you need quick analysis of your traffic logs you won’t find an better tool than Microsoft’s free Log Parser. With Log Parser you can read a variety of log files including the Registry and Windows event logs. It’s ease of use comes from using SQL queries against your log file. You can get your data even faster by using multiple log parser queries in a batch file.
-
Using Wildcard SSL Certificates on IIS 7
The other day I was helping someone who was trying to configure a wildcard certificate on their Windows Cloud Server. Their server was running Windows 2008 R2 server using IIS 7. The were technically savvy and knew how to configure site’s on their own and install a regular SSL certificate but they were stuck trying to get a wildcard certificate configured properly.
-
Windows Server Scheduled Task for Opening Web Site Url
If your web site is hosted on a dedicated server (cloud or physical) then chances are you have some internal processes which need to happen on a recurring basis. The Windows Task Scheduler is a wonderful built-in tool that fulfills this need. The location of this program has changed from Windows Server 2003 to Windows Server 2008. With Windows Server 2003 it was located in the Control Panel. With Windows Server 2008 it is located in Administrative Tools.
With the Windows Task Scheduler you can run any program on the server including custom scripts at any time with any recurring frequency. So this great news for system admins but what happens if you’re a web developer and you designed an admin page on your site to perform some internal housekeeping which runs when the page is loaded? As you can imagine you don’t want to sit at your desk all day hitting the refresh button.
So here’s were the power of Windows Task Scheduler comes into view. We just need to create a new scheduled task to visit the web site. Well unfortunately this is not possible. Task scheduler is not able to browse sites. However, that would be a cool feature for a future release. So are we done before we’ve started? What could be used to open a web site url that we could then in-turn schedule as a task? Well look no further than Microsoft’s XMLHTTP object. I always say “there’s no school like old school” and in this case it is absolutely true.
The following vbscript is all we need to open the web site url programmatically.