[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 111
  • Last Modified:

How to find out if website has both 80 and 443 set up

Hello Experts,

Somehow on some of our websites, the redirect to 443 was shut down.

How would you go about finding the missing redirects?

This is on Windows IIS.

The only thing I can think of is running scans on 80 and 443 and compare the two, but I don't think that will address the missing redirect. We do not have a Web Application Firewall to determine this.

Would the firewall reporting tools work? What the SIEM?

Thank you, your recommendations are appreciated.

Steph
0
Steph_M
Asked:
Steph_M
  • 3
  • 3
1 Solution
 
Wayne88Commented:
"Somehow on some of our websites, the redirect to 443 was shut down. "

Does it redirect http to https if you launch the page internally?
0
 
Steph_MAuthor Commented:
No.
Since the original posting, I have more information.
The root of the issue was the IIS web.config file was overwritten and that caused the problem.
Unfortunately, we have a limited tool set to identify these issues so I am trying to find a solution without purchasing anything.
In the past, I would have just thrown a FIM agent on the server and be done with it, but there isn't enough licenses or processing power to do this at this time.

Any suggestions?
0
 
Wayne88Commented:
What caused the config file to get overwritten?  Is this what you're trying to troubleshoot or is the problem in recreating the config file?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Steph_MAuthor Commented:
Human error.

The goal here is to find a repeatable process to identify if this happens again quickly.

I know what you are thinking - why not checksum, why not FIM, why not peer review, etc.

Because the task I was given was to find a way to compare and test at least once a week to see if it happened again.
0
 
Wayne88Commented:
"The goal here is to find a repeatable process to identify if this happens again quickly."

"Unfortunately, we have a limited tool set to identify these issues so I am trying to find a solution without purchasing anything."

Ok, here is what I have in mind.  Turn on file auditing then create a task to notify you by email when the file in that folder is edited or deleted.

Here is an example, I don't know what' the event ID for file edit is but for deletion event ID is 560.

When the audit is turned on and you create a file then delete it you will see this event ID under the security log and if you right click you will see the details on it.

As for the alert, you can right click the event > attach task to this event then follow the wizard to have it email you when this event occurs.

Here is more info:

http://www.intelliadmin.com/index.php/2008/03/use-auditing-to-track-who-deleted-your-files/

This is can be accomplished without requiring you to purchase any tools.
0
 
btanExec ConsultantCommented:
Can consider SEO spider auditing as along term

if a URL has multiple redirects in a chain, this export will map out each hop along the way, redirect 1, to redirect 2, to redirect 3 etc and all the responses along the way until the final target. It will also show how many hops there are (remember 5+ Google might give up and treat as a 404) & identify any pesky redirect loops.

So this report, although intended for ‘redirect chains’, was also built to provide a comprehensive method to audit all redirects in a site migration in a nice, easy, single export so we don’t all go mad.
https://www.screamingfrog.co.uk/audit-redirects/

Or a free tool beamusup http://beamusup.com
0
 
Steph_MAuthor Commented:
I'm going to try BeamUsUp because it is a free tool. I'm going to run it once a week then run some automated scripts to look for the redirect.

Thank you for the suggestion, it meets the requirement.

Stephanie
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now