[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

How to find out if website has both 80 and 443 set up

Posted on 2017-06-08
7
Medium Priority
?
91 Views
Last Modified: 2017-06-09
Hello Experts,

Somehow on some of our websites, the redirect to 443 was shut down.

How would you go about finding the missing redirects?

This is on Windows IIS.

The only thing I can think of is running scans on 80 and 443 and compare the two, but I don't think that will address the missing redirect. We do not have a Web Application Firewall to determine this.

Would the firewall reporting tools work? What the SIEM?

Thank you, your recommendations are appreciated.

Steph
0
Comment
Question by:Steph_M
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 18

Expert Comment

by:Wayne88
ID: 42168677
"Somehow on some of our websites, the redirect to 443 was shut down. "

Does it redirect http to https if you launch the page internally?
0
 
LVL 1

Author Comment

by:Steph_M
ID: 42168711
No.
Since the original posting, I have more information.
The root of the issue was the IIS web.config file was overwritten and that caused the problem.
Unfortunately, we have a limited tool set to identify these issues so I am trying to find a solution without purchasing anything.
In the past, I would have just thrown a FIM agent on the server and be done with it, but there isn't enough licenses or processing power to do this at this time.

Any suggestions?
0
 
LVL 18

Expert Comment

by:Wayne88
ID: 42168716
What caused the config file to get overwritten?  Is this what you're trying to troubleshoot or is the problem in recreating the config file?
0
Plesk WordPress Toolkit

Plesk's WordPress Toolkit allows server administrators, resellers and customers to manage their WordPress instances, enabling a variety of development workflows for WordPress admins of all skill levels, from beginners to pros.

See why 2/3 of Plesk servers use it.

 
LVL 1

Author Comment

by:Steph_M
ID: 42168741
Human error.

The goal here is to find a repeatable process to identify if this happens again quickly.

I know what you are thinking - why not checksum, why not FIM, why not peer review, etc.

Because the task I was given was to find a way to compare and test at least once a week to see if it happened again.
0
 
LVL 18

Expert Comment

by:Wayne88
ID: 42168788
"The goal here is to find a repeatable process to identify if this happens again quickly."

"Unfortunately, we have a limited tool set to identify these issues so I am trying to find a solution without purchasing anything."

Ok, here is what I have in mind.  Turn on file auditing then create a task to notify you by email when the file in that folder is edited or deleted.

Here is an example, I don't know what' the event ID for file edit is but for deletion event ID is 560.

When the audit is turned on and you create a file then delete it you will see this event ID under the security log and if you right click you will see the details on it.

As for the alert, you can right click the event > attach task to this event then follow the wizard to have it email you when this event occurs.

Here is more info:

http://www.intelliadmin.com/index.php/2008/03/use-auditing-to-track-who-deleted-your-files/

This is can be accomplished without requiring you to purchase any tools.
0
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 42168991
Can consider SEO spider auditing as along term

if a URL has multiple redirects in a chain, this export will map out each hop along the way, redirect 1, to redirect 2, to redirect 3 etc and all the responses along the way until the final target. It will also show how many hops there are (remember 5+ Google might give up and treat as a 404) & identify any pesky redirect loops.

So this report, although intended for ‘redirect chains’, was also built to provide a comprehensive method to audit all redirects in a site migration in a nice, easy, single export so we don’t all go mad.
https://www.screamingfrog.co.uk/audit-redirects/

Or a free tool beamusup http://beamusup.com
0
 
LVL 1

Author Closing Comment

by:Steph_M
ID: 42169717
I'm going to try BeamUsUp because it is a free tool. I'm going to run it once a week then run some automated scripts to look for the redirect.

Thank you for the suggestion, it meets the requirement.

Stephanie
0

Featured Post

Simplify Your Workload with One Tool

How do you combat today’s intelligent hacker while managing multiple domains and platforms? By simplifying your workload with one tool. With Lunarpages hosting through Plesk Onyx, you can:

Automate SSL generation and installation with two clicks
Experience total server control

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Know the reasons and solutions to move/import EDB to New Exchange Server. Also, find out how to recover an Exchange .edb file and to restore the file back.
IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
Wufoo.com provides powerful tools for surveying targeted groups, and utilizing data from completed surveys to find trends, discover areas of demand or customer expectation, and make business decisions on products or services.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question