Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

Web Servers

32K

Solutions

21K

Contributors

A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.

Share tech news, updates, or what's on your mind.

Sign up to Post

Experts,

newbie question on web developing and web servers.  

Question 1: If a web server is running IIS, can I assume that it is not running these:

struts
frontpage
coldfusion

Question 2:  If a web server is running IIS is it possible to also be running:

PHP
activeX
CGI
0
Moving data to the cloud? Find out if you’re ready
LVL 3
Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

One of our ERP systems is provided and hosted by a third party.  One of the security features in place is that the system can only be accessed from our network.

How can such a solution be implemented, my basic understanding is that this would involve some kind of whitelist on a firewall or web server?

My question is how is this possible and what should I be asking our third party for to do a quick audit of the IP address ranges to ensure they only contain IP address from our network (or any other legitimately needed IP addresses)
0
Experts - I am in the process of configuring Solaris LDAP Client for 389 DS. I have created a profile as below -

dn: cn=shades, ou=profile,dc=my,dc=domain,dc=com
credentialLevel: proxy
serviceAuthenticationMethod: pam_ldap:tls:simple
defaultServerList: ldap.my.domain.com ldap2.my.domain.com
authenticationMethod: tls:simple
defaultSearchBase: dc=my,dc=domain,dc=com
objectClass: top
objectClass: DUAConfigProfile
cn: shades
serviceSearchDescriptor: passwd:ou=People,dc=my,dc=domain,dc=com?sub
serviceSearchDescriptor: shadow:ou=People,dc=my,dc=domain,dc=com?sub
serviceSearchDescriptor:
user_attr:ou=People,dc=my,dc=domain,dc=com?sub
serviceSearchDescriptor:
audit_user:ou=People,dc=my,dc=domain,dc=com?sub
serviceSearchDescriptor: group:ou=Group,dc=my,dc=domain,dc=com?sub

When I am running below script to initiate -

#ldapclient init -v -a profileName=shades -a domainName=example.com -a proxyDN="cn=proxyagent,ou=profile,dc=example,dc=com" -a proxyPassword="password" ldap.my.domain.com
Parsing profileName=shades
Parsing domainName=example.com
Parsing proxyDN=cn=proxyagent,ou=profile,dc=example,dc=com
Parsing proxyPassword=<password>
Arguments parsed:
        domainName: example.com
        proxyDN: cn=proxyagent,ou=profile,dc=example,dc=com
        profileName: shades
        proxyPassword: <password>
        defaultServerList: <ldap.my.domain.com>
Handling init option
About to configure machine by downloading a profile
Can not find the shades …
0
dreamweaver how can i publish mysite freesite  i hav 3 html pages contactus with a form send button about us and home
now i want to publish it please do good advice thanks
0
We have a pfSense 2.3.4 with LAN, WAN, DMZ.
In DMZ subnet, we set up a Network Load Balancing cluster with two web servers in a 2012R2 Hyper-V environment. Their IP are:
DMZ port: 10.10.2.1
Server1:     10.10.2.21
Server2:     10.10.2.22
NLB Cluster: 10.10.2.100
NLB mode: multicast

Inside the DMZ subnet, each host can ping other hosts without a problem. The only stumbling block is, from pfSense, I can NOT ping the NLB cluster even I am able to ping all other servers in DMZ subnet. As the result, the cluster is useless.

In pfSense, I can see there is no ARP table entry for this cluster IP. How come?

I bet the Hyper-V NLB cluster is not new and am wondering if anyone ran into this issue before. Please help.
0
We are working with a customer that wants to use their SSO to access our web server. I have never worked with SSO before and am lost as to what we need to do to get this accomplished. Server is on a 2008R2 server with IIS 7.5. Current logins for the web page are not domain accessed.

We do not want to have to set up a trust with the company in question and they do not want to set up the trust either.

How would I go about getting this accomplished?

Any help/information would be greatly appreciated.
0
I am trying to decide which option would be better for redirecting a web URL to a new URL. Basically I have a website autohill.com that I would need to redirect to web.customauto.com and the autohill.com website will be shutdown eventually. which should I use for my external hosted DNS and which should I do for my internal DNS? CNAME or create a new A record with the new name and point the existing A record to the new IP address of the new website?
0
Hi guys,

I want to create a rule in IIS (server 2012/2016) that would redirect the full url from http version to https while preserving the full url.

To give you an example, let's say I have 2 domain names: domain1.com and domain2.com. I want to set up a rule that would redirect to an HTTPS version of domain2.com while preserving anything else user typed after the main domain bit.
So the rule would do this:
http://domain1.com redirects to https://domain2.com
http://domain1.com/help redirects to https://domain2.com/help
http://www.domain1.com redirects to https://domain2.com
http://www.domain1.com/help redirects to https://domain2.com/help
http://domain2.com redirects to https://domain2.com
http://domain2.com/services redirects to https://domain2.com/services
http://www.domain2.com redirects to https://domain2.com
http://www.domain2.com/help redirects to https://domain2.com/help

I know how to set up a standard redirect from HTTP to HTTPS but it redirects to the HTTPS version of domain while losing anything user typed after the main domain for example: http://domain1.com/help redirects to https://domain2.com (removes /help bit, while i want to preserve it)

The existing rule is:

<rule name="HTTP to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://domain2.com/{R:1}" redirectType="Permanent" />
</rule>

Hope this makes sense and thanks very much…
0
Hello,

I've been manually creating accounts in my WHM installation by using the functionality that's native to the program (i.e. I click create account, type in a domain, username, password, and select a package) to create an account for that user that has it's own cPanel installation.

I'm wondering if there's a way (either through software, api, or script) to do this in bulk? Any guidance someone can give would be greatly appreciated. If the answer is via script or api, I would appreciate any general direction you could give about how I actually would go about using it. Thanks in advance!
0
we have a number of internal applications which rely on IIS for the web server. These are only internal servers but we have noticed the 3rd parties whose apps we use have within the web root  some web.config12.bak type files. These do have hard coded DB and admin credentials within them so we would not want them exposed to any internal officers.

All servers are internal and not internet facing so the risk is limited to internal employees, and it is a small workforce with limited web server skills I would presume. The web root is hosted on the servers D:\, and the actual permissions on  the web root folders themselves only grant IIS_USERS group read on read & execute permissions. I typed the full path into a browser, e.g. \\server\app\live\admin\web.config12.bak and it returns a "404 - File or directory not found" error, even though I know it exists in that path. If I try a sample of other files in that directory such as styles.css, or a log txt file I know exists, my browser loads them up fine. So I am wondering if its something to do with the extension that causes the 404 error rather than ACL permissions preventing their download. As the ACL seems to be the same for all files in that directory, so it must be an IIS additional security control, perhaps.

I just need to be sure this would be consistent for all internal employees, that nobody could download a copy of these web config backup files, or if its the behavior of the browser preventing the …
0
Free Tool: IP Lookup
LVL 10
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

is there an easy way in IIS to identify the local web root folder (e.g. c:\,.,) for each site/application?
0
Hi Experts,

I'm wondering how to best log access-logs on Apache while using ProxyPass based on <Location>.

Here are 3 things I have in mind that I'm trying to implement:

  1. I would like to be able to identify the STATUS code Apache received from our application server (ProxyPass) and the STATUS code Apache sent to end-user. I'm not 100% sure how to identify these separate status codes as of now based on %s "<" or ">" redirection possibility on documentation.
  2. I would like to know if it is possible to log the server IP (application server) that processed the request on the backend (ProxyPass), where the response is coming from.
  3. Any recommendation on how to log full headers from REQUEST and RESPONSE headers, including POST data?

This is my current log format:

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%v\" %D \"%{UNIQUE_ID}e\"" custom

And the VHOST has the following config:

ProxyVia Full
ProxyRequests Off
ProxyPreserveHost On

<Location /admin/>
ProxyPass http://10.23.132.10:/admin/
ProxyPassReverse http://10.23.132.10:/admin/
Order deny,allow
Allow from all
</Location>

On the above ProxyPass IP (10.23.132.10), that IP is a server pool from haproxy load balancer, it has 4 servers, so for each request, I can land on a different server in that pool.

Apache version: 2.2.15

Thank you!
0
i want to know how unofficial/illegal websites get live streams of TV channels to show live sporting events and how they do it detail explanation preferred if u don't mind  thanks :)
0
Suppose i added url like http://123.12.1.45/cuz in reverse proxy to access it from outside of my company.and suppose my domain name is aa.bbbb.com .By https://aa.bbbb.com/cuz i can open it from outside.but while opening from out side it is coming as https://aa.bbbb.com/xyz/cuz.please help me out from this issue.


Thanks in advance.
0
Hi All

Please can someone assist me as per the question title.

OS is Windows Server 2008 R2 SP1.

2017-09-06-16_11_20-Connections---TT.png
0
We are looking for a self-hosting alternative just like "WeTransfer"


If it could run on a linux server it would be great. (Windows Server is also OK)

We would like the service to be hosted at our servers, because there could be some critical data between.


The thought was :

Enter the URL
"Press here to upload a file"
Upload
Now it generates an unique URL, the costumer can send out via an email.


I Found this http://alternativeto.net/software/wetransfer/?platform=self-hosted
But would like to hear something you could have any experience with.

We are willing to pay for the software, but open source would be great too.
0
Hi guys

So we have a slight issue. We are unable to get to two particular websites on HTTPS. Their Australian and New Zealand domains are what we can't get to from our internal network. We can get to the HTTP sites, just not their HTTPS.

However, if we use our guest-wifi we can get to the HTTPS. If we use our mobile phones we can get to it.

Our firewall is permitting the traffic out. So I took a snapshot and we get to a HTTP BAD REQUEST and at the bottom it says something about 'nginx', which proves we are hitting some sort of proxy/web server at their end. I assume they have some sort of load balancers or web proxy causing an issue?

Thanks for helping
Yashy
http-request.jpg
0
I need a web service to remain secret and would use CloudFare or a similar technology to prevent DDoS attacks. Aside from DDoS, what other types of attacks are possible?

I assume my web service domain would be totally hidden, but need to be sure there is no other known threat to it.

Thanks
0
We have many ColdFusion customers.  Is there an easy way to script the creation of a .car deploy file besides opening up CF admin on each server and manually making one?
0
New benefit for Premium Members - Upgrade now!
LVL 10
New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

We want to do an audit of some web servers (all of which run IIS) to ensure no sensitive information is vulnerable to unauthorised disclosure. I have read some articles claiming often web admins leave backup copies of sites in an area of the web server which may be accessible. And also have read that web.config files can often contain credentials.

Are there any other common types of security sensitive files which may be accessible on a web server from your experience? And also – is there a way to limit which areas of a web server you review/run keyword searches on from the backend OS.  Would it just be anything within 'wwwroot' per site? Or is that quite a simplistic view? And is there a default location for wwwroot per site, or an easy way to identify where the wwwroot per site resides from within IIS?
0
Hi,

I want to rewrite an entire directory using htaccess

Examples of original legacy URLs
website.com/app/group/index.php?group=id
website.com/app/group/settings.php?group=id
website.com/app/group/tasks/index.php?group=id
website.com/app/group/tasks/task.php?group=id&task=taskId
website.com/app/group/members/member.php?group=id&member=memberId
....

Open in new window



The new urls would be and rewrote to the original urls
website.com/app/group/id/ //with or without trailing slash
website.com/app/group/id/settings //settings file -> only get param is the group id
website.com/app/group/id/tasks/index.php //Tasks directory
website.com/app/group/id/tasks/task.php?task=taskId //Or website.com/app/group/id/tasks/task.php/taskId
website.com/app/group/id/members/member.php?member=memberId //OR website.com/app/group/id/members/member.php/memberId

Open in new window


There are about 10 -12 directories within the parent directory of "group"

I have successfully created a rewrite condition to accept
website.com/app/group/id/


using the following condition
RewriteCond %{REQUEST_URI} /app/group/
RewriteRule ^app/group/(\w+)/?$ /app/group/?group=$1 [L]

Open in new window


The problem becomes if i go to any other of the subdirectories within the parent directory of "group"

The group id ("group=id") will ALWAYS be needed with each page

Do i need to create a rewrite rule for each sub-directory?
Is there a way to extract only the group id and leave the remaining url intact (ex: website.com/app/group/id/tasks/task.php?task=5)?
0
how does the htaccess rewrite reg ex work

i have the following urls/l
www.website.com/app/team/teamId/page
www.website.com/app/team/teamId/directory/index
www.website.com/app/team/teamId/directory/page/queryId

Open in new window


The actual URLs
www.website.com/app/team/index?team=teamId
www.website.com/app/team/directory/index?team=teamId
www.website.com/app/team/directory/page?query=queryId&team=teamId

Open in new window


I have created rewrite rules based on what ive found on the interweb but i dont understand them nor do i know how to order them or if i need to create a separate expression for each of the scenarios

RewriteCond %{REQUEST_URI} /app/group/
RewriteRule ^app/group/(\w+)/(\w+)/(.*)/+? app/group/$2/$3?team=$1&$3=$4 [L]
RewriteRule ^app/group/(\w+)/?$ /app/group/?team=$1 [L]

Open in new window


i have had limited success with the rules and need more clarification on what the $1 etc are matching too as id perfer to write one rule instead of 10
0
In our business DLL, we have some variables declared as "Public Shared". This DLL is used by our website.

After a user logs into our site, Session vars hold the login info. (Nothing in Application vars as those would be shared across users, which we don't want.) Every time the user hits the DB, it connects with that info, setting the DLL's "Public Shared" variables to certain values and using them during that quick connection.

It's been fine for years.

Now suddenly, we're having incredibly rare occasions where one user is in the midst of a process, another user kicks off a process, and when that user sets those DLL "Public Shared" variables, the first user finds those values changed. For instance...

User 1 starts connection and process, setting MyDLL.Var1 = "A"
User 2 starts connection and process, setting MyDLL.Var1 = "B"
User 1 process is ending, but finds MyDLL.Var1 = "B"

I verified it by making a long dummy process. It seems odd to me that a DLL on the site would share these values across all the users logging into the website... but apparently that's how it works. (I was only ever concerned about Application variables -- not variables tucked away deep inside a DLL that I never coded.)

Since it's been fine for years, my guess is we recently created longer processes. So what's the solution? We have 50+ "Public Shared" variables that need to remain declared that way because they are used in other apps, including solutions with multiple projects -- so we …
0
Hello ,

we have a config as given below, but still pages are cached on the browser side until it is removed from the settings of chrome (we tested only on chrome but it is not stabil and this is enough for research)
I hope somebody has some experience about this problem

than you

server {
    error_log /etc/nginx/logs/human_check_errors ;
    listen xxxxxxxxx:80;
    access_log /etc/nginx/logs/human_check_logs main;
    root /home/php;
	


	location ~* \.(?:css|js)$ {
		expires           epoch;
	    
	}
	location ~* \.(?:ico|jpg|jpeg|gif|png|webp)$ {
		expires           epoch;
	    
	}
	location ~* \.(?:json|xml|rss|atom)$ {
		expires           epoch;
    }
    location ~* \.(?:3gp|7z|avi|bmp|bz2|csv|divx|doc|docx|eot|exe|flac|flv|gz|less|mid|midi|mka|mkv|mov|mp3|mp4|mpeg|mpg|odp|ods|odt|ogg|ogm|ogv|opus|pdf|ppt|pptx|rar|rtf|swf|tar|tbz|tgz|tiff|txz|wav|webm|wma|wmv|xls|xlsx|xz|zip)$ {
		expires           epoch;
    }
    location / {
	    #testcookie on;
	    fastcgi_cache_bypass 1;
	    fastcgi_no_cache 1;
	    fastcgi_pass   xxxxxxxxx:9000;
	    fastcgi_index  index.php;
		expires           epoch;
	    fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
	    include        fastcgi_params;
    }
    location ~ .*\.(php|jsp|cgi|pl|py|htm|html)?$ {
	    #testcookie on;
	    fastcgi_cache_bypass 1;
	    fastcgi_no_cache 1;
	    fastcgi_pass   xxxxxxxxx:9000;
	    fastcgi_index  index.php;
		expires           epoch;
	    fastcgi_param  

Open in new window

0
Hi

We normally install our web application on AWS. It has 1x AWS Elastic Load Balancer and 3x Windows Web Servers. We use the Load Balancer (obviously) to spread traffic across the 3 web servers.

A new client wants to install our web application on their own VMWare environment. They say that they don't have any virtual/physical load balancers.

We don't have much experience of VMWare.

Does it have a virtual load balancer as part of the default environment or do they need to purchase something?

Thanks.
0

Web Servers

32K

Solutions

21K

Contributors

A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.