Solved

IIS 7 reveals internal IP address - appcmd.exe help [PCI scan / PEN testing failure]

Posted on 2014-10-21
4
1,251 Views
Last Modified: 2014-11-01
Hi experts
I have a Exchange 2010 server which has failed a PCI compliance scan during PEN testing.
I need to apply the fix detailed below, which uses appcmd.exe.  I have little knowledge of IIS.
http://blogs.msdn.com/b/mike/archive/2008/11/18/removing-an-iis-server-s-ip-address-from-http-
responses.aspx

suggested cmd is:
appcmd.exe set config -section:system.webServer/serverRuntime /alternateHostName:"myServer"  /commit:apphost

Before I run this cmd I want to find out if my server has an existing alternateHostName and if so what it is.  This is essentially because I want to be able to return be install to it current state in the event this fix causes side effects.

How can I use appcmd.exe [supply code] to find the alternateHostName?
0
Comment
Question by:fieldj
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 40394517
there are no known side effects of using that fix other than passing your pci text
0
 

Author Comment

by:fieldj
ID: 40394938
Thanks David
Do you know how can I use appcmd.exe [supply code] to find the alternateHostName?
0
 

Accepted Solution

by:
fieldj earned 0 total points
ID: 40406097
I ran the following cmd to backup my IIS config
C:\Windows\System32\inetsrv>appcmd.exe add backup "My Backup Name"
You can confirm this with
C:\Windows\System32\inetsrv>appcmd.exe list backups
And restore if need be
C:\Windows\System32\inetsrv>appcmd.exe restore backup "My Backup Name"

Then I ran the cmd
C:\Windows\System32\inetsrv>appcmd.exe set config "Default Web Site" -section:sy
stem.webServer/serverRuntime /enabled:"True"  /commit:apphost

Followed by the cmd in the posted article
C:\Windows\System32\inetsrv>appcmd.exe set config -section:system.webServer/serv
erRuntime /alternateHostName:"ServerName"  /commit:apphost
0
 

Author Closing Comment

by:fieldj
ID: 40416973
best answer of the responses
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question