Web Servers





A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.

Share tech news, updates, or what's on your mind.

Sign up to Post

We are getting a CORS error when trying to run and API request from one of our subdomains to another. I saw an htaccess fix...

<ifmodule mod_headers.c="">
   SetEnvIf Origin "^(.*\.MyDomain\.com)$" ORIGIN_SUB_DOMAIN=$1
   Header set Access-Control-Allow-Origin "%{ORIGIN_SUB_DOMAIN}e" env=ORIGIN_SUB_DOMAIN
   Header set Access-Control-Allow-Methods: "*"
   Header set Access-Control-Allow-Headers: "Origin, X-Requested-With, Content-Type, Accept, Authorization"

I added that to the htaccess file of where the API request was going *to*, but we still get the error. Does it need to go in the htaccess of the site the request is coming *from*? Or both? In other words, does the htaccess stuff need to live where the request originates or where the request is processed? Or both?
Amazon Web Services
LVL 13
Amazon Web Services

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

Hi Experts,

I was given access to production server (admin) thru SSH/SFTP.

Tried changing something on a PHP file (using Core FTP LE), was able to edit/override and it got saved as well, however don't see them affecting my site.
Guess I'm missing something just don't know what...
Tried clearing app cache but didn't help.

In addition, when right clicked on a JavaScript file and selected Edit, did not gave me an option to open with Notepad, just threw some error, as though I was trying to execute it.
How can I accomplish that?

We need to load balance two Windows 2016 Web servers that are VMWare Guests and we are using DFS.  In a previous post an Expert said not to use Windows Load Balancing, and suggested using Zen or a hardware load balancer.  
I'm asking again for the best way to setup load balancing for these web servers and please note we are using DFS.

What's the problems with using Windows Load Balancing and VMWare?
What should we be aware of when using web servers with DFS?

Thank you.
We have one server using SSL that purchased on GoDaddy and our domain is www.xyz.com.
Now, we have another server hosting on AWS, and it is still www.xyz.com. We just use it as fail over purpose.
for example, if our main office's power is off, we will switch www.xyz.com's ip to AWS on DNS make easy.

My question is: I want to install SSL on AWS IIS. Where should I get SSL? On Godaddy.com or I can extract from office's IIS?


I have a web app running on Azure at the address steelyard.azurewebsites.net where the following link is used from an email message sent     Dim oLinkAccept As String = "http://SteelYard.azurewebsites.net/offers_to_me?oOfferID=" & oNewOfferID & "&oOfferAcceptDecline=Accept"  

My problem now is that our technical assistant has set up Azure so that the domain www.thesteelyard.co.za can be used for the website as well. My problem is that the following
link does not work     Dim oLinkAccept As String = "http://thesteelyard.co.za/offers_to_me?oOfferID=" & oNewOfferID & "&oOfferAcceptDecline=Accept"
I am trying to set up a VPS but this came with no configuration at all, i am trying to set up the iis at the moment and i am struggling

its on a windows 2019 datacenter server, with IIS 10

the error i am getting is "can not verify access to path " (microsoft say this is just a warning and will be fine at run time)

however it will not process  server side includes as it cant find the folder, unless i put in the full path in the Include tag, this isnt an option as it would mean to much editing of the code for each instance

<!-- #INCLUDE virtual="/cmms/common/db_obj.asp" -->  Doesnt work

<!-- #INCLUDE virtual="harbourside/cmms/common/db_obj.asp" --> does work

server side include is configured in iis , and set to true in the asp module

I have spent days trying to figure this out, i cant find much help on iis 10 in google
Hi Experts,

I am facing the below issue.
teamjavax.net.ssl.SSLProtocolException: handshake alert:  unrecognized_name

i have migrated from 1.5 to 1.7 while calling the webservice facing the this issue,it is working with java 1.5 version.

can suggest how to resolve this issue.
we have been looking at some get-hotfix reports to determine that last MS security updates applied to a multitude of servers serving different purposes. In some cases the process seems to be working an critical updates are applied in a timely manner, but we found a few exceptions. For my own knowledge/benefit - if a server was acting as a web server and only had standard web ports open, could any of the vulnerabilities that the MS updates 'address', still be exploitable from the outside through those ports? I'm not entirely sure what range of products/services the updates cover in their 'monthly roll ups', so I would be interested to learn a little more.
My client's website www.mesila.org seems to be blocked from both Hong Kong and Australia, and they don't know why. THis has gone on for more than 24 hours. I am able to duplicate the error by changing my VPN to Australia or Hong Kong.

The DNS points to Cloudflare, and from there the A record goes to an AZURE server with a CDN. I don't know where to begin to try to solve such a problem.

Any ideas?

Thank you.
We have an app running on IIS 8.5 which are KPI dashboards running SQL queries and displaying the results in a browser. We have an issue where the dashboards in general begin to slow down and eventually become useless. We have tested the SQL queries used in the dashboards directly against Oracle and they run fine with no delay. The only fix so far we have found is to run IISRESET. Once we run IISRESET, it begins to work again. We also test the same queries within our ERP system(Oracle backend) which the dashboards feed off from different PC's and they run fine. The issue is with IIS or the app itself. if it was the SQL query being too heavy, you would see a slow response time when ran directly in Oracle. we have gone through and set IIS to vendor and Microsoft recommendations including using recycling.

Aside from defects in the code of the app, Is there anything we are missing in IIS that may be causing the issue?
Expert Spotlight: Joe Anderson (DatabaseMX)
LVL 13
Expert Spotlight: Joe Anderson (DatabaseMX)

We’ve posted a new Expert Spotlight!  Joe Anderson (DatabaseMX) has been on Experts Exchange since 2006. Learn more about this database architect, guitar aficionado, and Microsoft MVP.

Hello All;

OK. Power Outage due to storm today.
I was in the process of shutting down all the VM's when the battery backup shutdown.
I had the ARR, Web-01, and the Mail Server left to shut down, before the battery backup shutdown itself.

This is what all has happened since bringing everything back up then rebooting all VMs again.

#1: Network Load Balancer - Host Unknown for both Web-01 and Web-02 Servers.
       Both hosts are pingable with their names and IP Addresses from the ARR server.
#2: Cannot access either of the servers from my laptop through Remote Desktop.
       During the power outage, I was shutting down each VM with the Remote Desktop on my laptop.

I have
       Rebooted VMWare ESXi
       Rebooted each of the VM's
       Rebooted the Router

What am I missing?
Something has messed up somewhere due to this outage.
And I do not have a recent backup of the VM's, which is really not good at all.

Any and all assistance on this will be great.
I'm using IIS version 10.0.17763
Here is the IIS Recycle settings
iis-recycle settings
This is the current IIS recycle settings in IIS.  Based on these settings ,Would it be possible to find when the pool is manually / automatically recycled?
If not , what are settings i need to enable to find the IIS pool recycle timestamp? In event viewer where can I find these logs and what is the event id for this?  Please let me know.
I have a Quicktime .MOV file that I would like to convert into a autoplaying, looping file of some sort that I could then place on a website.

It is an animation, with just a few graphic images moving.

I need it to very very compact.  A similar Shockwave Flash file was 140k

Is there a way to create a script to log me into my shopify account, and literally make one or two clicks (option changes), and log out?

I need to do the same things every week, and I would like to know if there's a way to automate that?  In contacting shopify, they don't allow us to make any changes to the API,
so we can't do it that way.
Next steps with AWS. Ubunto, MariaDB, MySql and WordPress

I have installed the latest version of Ubuntu, MariaDB, with the following:

# Setup latest stable LAMP related PPAs
LC_ALL=C.UTF-8 add-apt-repository ppa:mamarley/updates </dev/null
LC_ALL=C.UTF-8 add-apt-repository ppa:ondrej/apache2 </dev/null
LC_ALL=C.UTF-8 add-apt-repository ppa:ondrej/php </dev/null
LC_ALL=C.UTF-8 add-apt-repository ppa:ondrej/nginx-mainline </dev/null
LC_ALL=C.UTF-8 add-apt-repository ppa:isc/bind-dev </dev/null

Open in new window

# Setup latest stable MariaDB PPA
curl -sS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s -- --skip-maxscale

Open in new window

# Verify MariaDB-10.4.X installable
apt-cache show mariadb-server-10.4

Open in new window

# Install MariaDB-10.4.X latest + MySQL compatibility tools/libraries/headers
apt-get install mariadb-server-10.4 mariadb-client-10.4 libmariadb-dev-compat

Open in new window

Now, when I typed mysql, I got MariaDB

root@ip- mysql

MariaDB [(none)]> exit

So, in order that I do not mesa up this clean installation, I need to
- create the database
- assign user permissions
- install WordPress

Please provide me those steps, and I will be ready to start digging into WordPress.

Hi, i am trying to set up a Load balanced web server cluster.

I have configured it to use IGMP Multicast, now this works great for machines on the same VLAN as the web servers, i can drain roles and the other server takes over etc.

However, only our machines on the same VLAN can access the website. Any other machine in another VLAN times out.

I am using Dell N3000's in a stack with 4-5 VLANs. How can i configure IGMP to move support the other VLANs?

I am going to have a read also, but I would appreciate some advice as this is a live network (i wont do any changes until the weekend just in case)

Thanks in advance for any help!
An employee that took care of hosting the company website was fired yesterday.

We're doing some checking but likely he has the keys to the website hosting account - it's likely using a personal email address of his

I am the domain owner with Godaddy,  The name servers point to the hosting company that hosts the website.

The website is still up, but I would expect he could / will take the site down.

What's the best way to try to download the site at this point?  Again, we don't have access to the account / just FTP all the files as an admin.  I'm thinking we have to do what we can using the public facing part of the website? (I really know nothing about web development, hence this other guy offered and the owners went with him for that).

I remember apps years ago that would just go to www.domain.com, save that page, and go to all the links to pages on that website, downloading each, following links untill they download everything.

The public pages might not be usable depending on the language the page is written in? (ie if a page is written to show today's date for ecxample, the html we download will have todays date. but not the script / code that set it as today?  Open that page tomorrow and it might say today's date?).

But at least we'll have the look and feel of the site.
We have inherited a wordpress site that does not have ssl, so login credentials are sent plain text (the site doesnt collect any other personal data). Are there any recommendations on who to use and any other dos and donts regarding selecting a certificate and approx costs. Are the costs 'one off' or annual?
we installed tomcat apache in windows server in -C:\   ,  Drive.
For better management we planning to move to D: Drive.

Please advise the steps needed to achive for the same
OWASP: Avoiding Hacker Tricks
LVL 13
OWASP: Avoiding Hacker Tricks

Learn to build secure applications from the mindset of the hacker and avoid being exploited.

For tomcat Apache server. How to convert Java JMX Agent Insecure Configuration to Secure one,
Kindly advice the steps in
We're going to run a webservice to receive messages from one client. We are required to use mutual TLS. The client did send us the certificate he will use to connect to our webservice. (it needs to be this certificate) Our environment is Nginx+Apache+PHP.

My question is: what is the best way to do this? How can I let Nginx or Apache require a client certificate and trust this particular certificate? Or should I do this in PHP. What's the best approach?
Hi Experts,

Could anyone please explain to me the different options and items from https://www.canadianwebhosting.com/webservice/managed_security/

as well, the difference between software and hardware firewalls.

Thanks so much.
The company I work for programs a website that runs on CPanel on CentOS.
In addition to our primary domain, we have almost 100 aliases that are domains for our customers (B2B).
When someone browses to one of these customer domains, the site adjusts its content (logos etc.) to look like it was custom made for that customer.

There seems to be a limit of 100 aliases in CPanel. We want to create many more - maybe 1500 -2000 long-term.

What is the best way to do this? Can the CPanel limit be raised? Is there a better alternative to CPanel?

Should we use subdomains or addon domains? Can we add 100 alieases to each of them? Can we add an SSL certificate to each of them?
Can we do this all within CPanel/WHM supported functionality, or do we have to make custom modifications?

Hopefully that makes some sense. Thanks for reading.
Regards, Ryan.
I have a wildcard certificate for *ourdomain.com that is used in Azure and GCP and other places publicly facing websites.  
First time renewing since other admin js gone.  
The certificate issuer website ask for a CSR. Is that supposed to be generated from a specific server or just my local computer?
I have started using SNI on my sites in IIS. I just noticed now that there is a alert saying  ..

.. "No default SSL site has been created. To support browsers without SNI capabilities, it is recommended to create a default SSL site."

Could someone please explain how I would go about creating this default SSL site?

How does this solve the problem with browsers that dont support SNI. Will this fix allow these browsers to go on this site without any security warnings?  My ssl cert is a wildcard cert if that makes any difference.

Thank you

Web Servers





A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.