Link to home
Create AccountLog in
Avatar of nav2567
nav2567Flag for United States of America

asked on

Present a secured site maintenance page.

Dear Experts,

We have a IIS secured website which has yet to pass a penetration test before we can open it to public access.

Is there a secured way we could allow some sort of static page for external access site until the pen test is completed?

The website is already linked to a secured certificate which has the site's common name defined.  Basically, we want to present a maintenance page just to relay the information that the site is not available or not yet active.

Please advise if this is doable or not.

Thanks in advance ;)
Avatar of btan
btan

Can consider a http redirect and limit to specific location in server.
To configure the content to come from only the specified destination directory, use the following syntax:
appcmd set config /section:httpRedirect /childOnly:true | false
By default, this attribute is false, but you specify true for the childOnly attribute. To do this, type the following at the command prompt, and then press ENTER:
appcmd set config /section:httpRedirect /childOnly:true
https://technet.microsoft.com/en-us/library/cc731578(v=ws.10).aspx

Another is that you could set that site up to serve the same page for all requests, regardless of the request URL. The strategy is to stop website regardless of the request coming in
Assuming you have IIS Scripting installed, open an elevated PowerShell:

import-module webadministration

Consider stopping all sites except the Offline one:

Get-ChildItem IIS:\Sites | Where {$_.Name -ne "Offline"} | Stop-WebSite

when the SQL-Server is back up, start them up again:

Get-ChildItem IIS:\Sites | Where {$_.Name -ne "Offline"} | Start-WebSite

For FTP sites, the commands will show an error. You cannot pipe an FTP site to a Stop-WebSite cmdlet, but it still works for all the web sites.

For sites that are not running alright, consider to exclude them:

Where {$_.Name -ne "Offline" -and $_.Name -ne "foobar.com"}

If there is no PowerShell cmdlets for IIS installed, you can explore appcmd.exe  
Avatar of nav2567

ASKER

Thanks.

The website is already binded to a SSL certificate and we open only 443 on our firewall.

Will redirect work?
ASKER CERTIFIED SOLUTION
Avatar of btan
btan

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer