Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

Microsoft IIS Web Server

35K

Solutions

29K

Contributors

IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Share tech news, updates, or what's on your mind.

Sign up to Post

hi
1- we have a domain in intranet and some web application . i   wanna that only domain client access to web app
2- set domain restriction in iis 7 and deny all and then allow  domain as this   "my domain.com" but not working
3- otherwise it working with  ip addresses  that i no want it .
4- pls help me have to implement this  project.
tnx
0
Nothing ever in the clear!
LVL 1
Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

The exchange server is configured for an anonymous relay, my app only uses authenticated smtp via Username and Password or APOP.

So my options as I see it if possible...
Can I setup an authenticated SMTP relay in my IIS that sends anonymously to their relay?
Can I recommend that they add an authenticated relay for my mailbox on an exclusive port to ensure it does not hurt their configurations?
0
Hi - I have a 2012 server setup as a Domain with RDS running.  I have a VM on the server which is added to the domain and have given user access to this.  

I have a CA certificate with the subject mail.domainname.com  which is trusted on the RD Gateway Certificates in Connection Broker single sign on/ Publishing/ RD Web Access and RD Gateway.

My RD Gateway has Use these RD Server setting  - Server name mail.domainname.com with Logon method set to Password Auth and a tick in Use RD Gateway credentials.

I have installed the cert on the local Win 7 PC and checked it is in MMC - also checked thumbprint to confirm correct cert.  All ok

Now my Issue -

From my remote PC I can login to RDWeb (https://mail.domainname.com/rdweb - no problems and no certificate issues - and it shows connected to RemoteApp and Desktop Connections in bottom right hand corner.

Now I choose connect to a remote PC -

Type in PC Name  and choose connect -
I then get the windows security popup with Enter your Credentials - domainname\username and password

Input and click ok - and it says starting initiating remote session

Then - A box pos up saying - Your computer cant connect to the remote computer because the Remote Desktop Gateway server address in unreachable or incorrect.  Type a valid Remote Desktop Gateway server address.

ok - so looking at my Remote desktop Connection it says the Gateway server is svr-servername.domainname.com  - which is the FQDN of the server.

So …
0
I had this question after viewing Disabling auto logons in Internet Explorer 11.

My users like to save their ID/Passwords when accessing my Active Directory secured intranet website. Based on a manager request, I need to know if there's a way my website (or an IIS setting) can force the user to always authenticate.
Any help here would be appreciated...
0
I need to redirect a website within IIS instead of using a DNS change.  What is the best way to do this?
0
I am trying to redirect a URL from http://www.rudythecarguy.com/ApplyNow.com to http://www.rudythecarguy.com/ApplyNow. I added the rewrite section below to the system.webserver section of the web.config, but it doesn't work. Is there a kind soul out there who can shed some light on this darkness?
Thank you.
 <rewrite>
      <rules>
        <rule name="RudyRedirect" stopProcessing="true">
          <match url="www.rudythecarguy.com/ApplyNow.com" />
          <action type="Redirect" url="www.rudythecarguy.com/ApplyNow" redirectType="Permanent" />
        </rule>
      </rules>
    </rewrite>
0
Currently in IIS, I have 3 URL Rewrite rules:
1.  Redirect http to https
2.  If they forget to put in the www in front of the domain name they are redirected to the correct site
(This is what I used:  doesn't match pattern  ^www\.([.a-zA-Z0-9]+)$)
3.  If they come in using www1 (which still exists), they are redirected to another URL

Now, they want to start using subdomains (example:  clientname.domain.com)
What currently happens is rule #2 puts a www in front of the name because it doesn't have www.  
We have a lot of clients and they want a subdomain for each one.

Any ideas on how to accomplish this?
0
we have a number of internal applications which rely on IIS for the web server. These are only internal servers but we have noticed the 3rd parties whose apps we use have within the web root  some web.config12.bak type files. These do have hard coded DB and admin credentials within them so we would not want them exposed to any internal officers.

All servers are internal and not internet facing so the risk is limited to internal employees, and it is a small workforce with limited web server skills I would presume. The web root is hosted on the servers D:\, and the actual permissions on  the web root folders themselves only grant IIS_USERS group read on read & execute permissions. I typed the full path into a browser, e.g. \\server\app\live\admin\web.config12.bak and it returns a "404 - File or directory not found" error, even though I know it exists in that path. If I try a sample of other files in that directory such as styles.css, or a log txt file I know exists, my browser loads them up fine. So I am wondering if its something to do with the extension that causes the 404 error rather than ACL permissions preventing their download. As the ACL seems to be the same for all files in that directory, so it must be an IIS additional security control, perhaps.

I just need to be sure this would be consistent for all internal employees, that nobody could download a copy of these web config backup files, or if its the behavior of the browser preventing the …
0
IIS failed when add some extension in mime type like stp and fpx
0
I'm reviewing all of my web servers and I'm trying to figure out how to make Chrome happy with the Cipher Suites. Web Servers are Server 2012 R2 and here is what Chrome is reporting:

My Web Server
Now, if I take a look at another example website that does properly validate with Chrome, it looks like this as an example:

Proper Web Server
It is my understanding that google only views the GCM Ciphers are being secure, that being said I found AES_128_GCM on my Cipher list and moved it to the top, however Chrome still reports the same Cipher Suite as being used.

Can anyone give me some insight?
0
On Demand Webinar: Networking for the Cloud Era
LVL 10
On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

is there an easy way in IIS to identify the local web root folder (e.g. c:\,.,) for each site/application?
0
Hi All

Please can someone assist me as per the question title.

OS is Windows Server 2008 R2 SP1.

2017-09-06-16_11_20-Connections---TT.png
0
I'm running a WSUS on Server 2012 R2. Just about everyday, I get the following result when I access the MMC (See screen shot below-name of the server has been changed for this issue)
I can usually reset it by a simple batch file that stops and restarts ISS, and have even created a task that does this, but that din't work. I smartened up and copied the error statement to the clipboard. Here's the content of that error:

The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service.

System.Net.WebException -- The request failed with HTTP status 503: Service Unavailable.

Source
System.Web.Services

Stack Trace:
   at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at Microsoft.UpdateServices.Internal.ApiRemoting.ExecuteSPGetConfiguration()
   at Microsoft.UpdateServices.Internal.DatabaseAccess.AdminDataAccessProxy.ExecuteSPGetConfiguration()
   at Microsoft.UpdateServices.Internal.BaseApi.UpdateServerConfiguration.Load()
   at Microsoft.UpdateServices.Internal.ClassFactory.CreateWellKnownType(Type type, Object[] args)
   at …
0
I keep getting the following errors in my Event log:


The Module DLL D:\Program Files\Microsoft\Exchange Server\V14\Bin\kerbauth.dll failed to load.  The data is the error.

However, Exchange was uninstalled a long time ago AND I removed the <add name="kerbauth" image="D:\Program Files\Microsoft\Exchange Server\V14\Bin\kerbauth.dll" /> line from my "applicationHost" file and I still get those errors (even after an IISRESET). What gives? I think it's causing some other services I am trying to setup (WebDAV) to not work.
0
Hello Experts,
I am trying to get my server set up to act as an SMTP relay to smtp.o365.com. It works when I use Powershell from my machine using this command:

Send-MailMessage -From smtp@mydomain.com -To me@mydomain.com -Subject "Test"
 -Body "Test" -SmtpServer myserver.mydomain.com -Port 25

Open in new window


Note that my IIS server is set up to accept on port 25, but it transmits to smpt.o365.com on 587. Again, the command above works, so the authentication set up on IIS must be working!

What's interesting are the smtp logs. Here is my PC via Powershell:

22:04:56 192.168.2.106 EHLO - 250
22:04:56 192.168.2.106 MAIL - 250
22:04:56 192.168.2.106 RCPT - 250
22:04:56 192.168.2.106 DATA - 250
22:04:56 40.97.169.242 - - 0
22:04:56 40.97.169.242 EHLO - 0
22:04:56 40.97.169.242 - - 0
22:04:56 40.97.169.242 STARTTLS - 0
22:04:56 40.97.169.242 - - 0
22:04:56 40.97.169.242 EHLO - 0
22:04:56 40.97.169.242 - - 0
22:04:56 40.97.169.242 AUTH - 0
22:04:56 40.97.169.242 - - 0
22:04:58 40.97.169.242 - - 0
22:04:58 40.97.169.242 MAIL - 0
22:04:58 40.97.169.242 - - 0
22:04:58 40.97.169.242 RCPT - 0
22:04:58 40.97.169.242 - - 0
22:04:58 40.97.169.242 BDAT - 0
22:04:58 40.97.169.242 - - 0
22:04:58 40.97.169.242 QUIT - 0
22:04:58 40.97.169.242 - - 0
22:06:07 192.168.2.106 QUIT - 240

Open in new window


Here is a network device (in this case it's an MFP, but a network security device looks the same):

22:04:37 192.168.2.25 EHLO - 250
22:04:37 192.168.2.25 MAIL - 250
22:04:37 

Open in new window

0
I'm developing with ASP.NET and find it annoying that I constantly get "Not Secure" messages when accessing my local website through IIS just because I have a personal self-signed certificate.

I have seen long and what appear to be very complicated ways of creating your own certificate server, but I was wondering about just buying a certificate if they are cheap.

It appears you can get them for under $10? See here:

https://www.interssl.com/en/cart.php?gid=2

Is that a good option or is there a better alternative?
0
I have a problem, I have a website that for some reason, If I don't don't type the www, it doesn't work.

For example,
if I go to https://www.sabbathtruth.com  it works fine
If I go to https://sabbathtruth.com it doesn't work

What could be the problem?
0
Every time I restart my IIS instance/web server (Win 2008 R2), all of the services come up successfully. When I go to browse to the website I get the following message

Capture.PNG

The workaround has been for me to go in to IIS, click on the site bindings, click edit, and move the SSL certificate from it's current selection to not selected, and then back again.

Not that this is a HUGE deal, but i'm wondering if there is a permanent way to fix what i'm seeing or why this is occurring. Thanks in advance
0
We want to do an audit of some web servers (all of which run IIS) to ensure no sensitive information is vulnerable to unauthorised disclosure. I have read some articles claiming often web admins leave backup copies of sites in an area of the web server which may be accessible. And also have read that web.config files can often contain credentials.

Are there any other common types of security sensitive files which may be accessible on a web server from your experience? And also – is there a way to limit which areas of a web server you review/run keyword searches on from the backend OS.  Would it just be anything within 'wwwroot' per site? Or is that quite a simplistic view? And is there a default location for wwwroot per site, or an easy way to identify where the wwwroot per site resides from within IIS?
0
Concerto's Cloud Advisory Services
LVL 4
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

My FTP server is running on windows 2012 .Now i got error "FTP does not encrypt or encode passwords or data before sending them to the server. To protect the security of your passwords and data, use Web Folders (WebDAV) instead."
0
Hello,

I would like to know if someone has already played with the Microsoft WebDAV (MiniRedir) Client (service "Webclient") registry settings ?

I would like to change the cache control behavior to No Cache.

The cache on Windows Server is currently stored in the following directory: C:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV

Thanks.
0
Good morning all!  I've got a weird situation on a local webserver that we run in the office.  We have an intranet web site that we use for office admin etc.  Also as part of the same project we have a webservice that is interacted with by a scheduling/time clock application (Windows Forms Application).  We've used this same solution for a few years between 2 offices (connected with a VPN) with no issues.  We have now had to separate the applications into 2 separate instances (1/office).  I got IIS running in the other office and the website is running aok.  The issue is that the time clock application is has lost its connection to the webservice first thing in the morning.  It is scheduled to close after hours each evening so it needs to be run in the morning.  In the morning once it has been run it doesn't have a connection to the service for about 20 minutes (estimate from what I've been told) and then connects properly and runs fine for the rest of the day.  The time clock program polls the service every few seconds.  The odd thing to me is that when the time clock can't access the webservice the web site is accessible on the same PC.  This seems to take a routing issue off the table though maybe I'm missing something...? We have a local DNS server that has an "A" and "PRT" record to the web server IP.  The web site is running on the DNS server.  We also run a scheduled task that purges the DNS records every 5 minutes.  We started doing this years ago as one external …
0
Local iis7 settings disappear. Like mime types, error pages. I can't figure it out how that can happen.
Settings to the default site are kept.
Does anyone have an idea?
0
Hello Experts,

Does any one know why I keep getting a  HTTP Error when uploading a .mp4 file?

The file is smaller than my max_upload.

Thank you.
0
I have someone linking to this page externally:
http://bit.ly/2wdXDQ1

Now I would simply like to have that URL redirect to itself without the trailing period, but I'm having the hardest time.  
In my webconfig I added this rewrite rule:

 
        <rule name="RemoveTrailingDots" stopProcessing="false">
          <match url="^(.*[^.])\.+$" />
          <action type="Redirect" url="{R:1}" redirectType="Permanent" />
        </rule>
   
it doesn't work at all (as you can see when you test the link above, it still 404's, and the rule is running).
The strange thing is when I change action type to "Rewrite" it actually works, but its not what I want because the URL shows a period on the end.    Why isn't the redirect working?  Would love some help!


Looks like Microsoft has the same problem!  
Try this link:
https://www.microsoft.com/en-us/store/b/home.
0

Microsoft IIS Web Server

35K

Solutions

29K

Contributors

IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.