Start Free Trial

asked on 2/17/2016

Present a secured site maintenance page.

Dear Experts,

We have a IIS secured website which has yet to pass a penetration test before we can open it to public access.

Is there a secured way we could allow some sort of static page for external access site until the pen test is completed?

The website is already linked to a secured certificate which has the site's common name defined. Basically, we want to present a maintenance page just to relay the information that the site is not available or not yet active.

Please advise if this is doable or not.

Thanks in advance ;)

Microsoft IIS Web Server Security SSL / HTTPS

Last Comment

2/17/2016

2/17/2016

Can consider a http redirect and limit to specific location in server.

To configure the content to come from only the specified destination directory, use the following syntax:
appcmd set config /section:httpRedirect /childOnly:true | false
By default, this attribute is false, but you specify true for the childOnly attribute. To do this, type the following at the command prompt, and then press ENTER:
appcmd set config /section:httpRedirect /childOnly:true

https://technet.microsoft.com/en-us/library/cc731578(v=ws.10).aspx

Another is that you could set that site up to serve the same page for all requests, regardless of the request URL. The strategy is to stop website regardless of the request coming in

Assuming you have IIS Scripting installed, open an elevated PowerShell:

import-module webadministration

Consider stopping all sites except the Offline one:

Get-ChildItem IIS:\Sites | Where {$_.Name -ne "Offline"} | Stop-WebSite

when the SQL-Server is back up, start them up again:

Get-ChildItem IIS:\Sites | Where {$_.Name -ne "Offline"} | Start-WebSite

For FTP sites, the commands will show an error. You cannot pipe an FTP site to a Stop-WebSite cmdlet, but it still works for all the web sites.

For sites that are not running alright, consider to exclude them:

Where {$_.Name -ne "Offline" -and $_.Name -ne "foobar.com"}

If there is no PowerShell cmdlets for IIS installed, you can explore appcmd.exe

2/17/2016

ASKER

Thanks.

The website is already binded to a SSL certificate and we open only 443 on our firewall.

Will redirect work?

ASKER CERTIFIED SOLUTION

2/17/2016

Blurred text

THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.

View this solution by signing up for a free trial.

Members can start a 7-Day free trial and enjoy unlimited access to the platform.

See Pricing Options

Start Free Trial

Microsoft IIS Web Server

IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

36K

Questions

--

Followers

--

Top Experts

Get a personalized solution from industry experts

Ask the experts

"Invaluable tool for our organization"
Josh Regalski
"This is the best money I have ever spent."
@rwheeler23
"Your help has saved me hundreds of hours of internet surfing."
@fblack61
"Just a dang good service!"
@golferski
"Worth every penny."
Steve Hougom
"It’s been a life saver."
Maria Halt
"Best support site I’ve seen!"
Bob Schneider
"I would be lost without them."
@fblack61
"Saved my job multiple times."
Walt Forbes
"I love this site."
Maria Duwe
"Friendly respectful help."
Andrew Kowtalo
"Such top-notch experts."
@magento
"The best money I have ever spent."
@rwheeler23
"Beyond any comprehensible value"
George Morris
"Invaluable tool for our organization"
Josh Regalski
"This is the best money I have ever spent."
@rwheeler23

Read over 600 more reviews

TRUSTED BY