Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

Web Servers

32K

Solutions

21K

Contributors

A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.

Share tech news, updates, or what's on your mind.

Sign up to Post

I am trying to decide which option would be better for redirecting a web URL to a new URL. Basically I have a website autohill.com that I would need to redirect to web.customauto.com and the autohill.com website will be shutdown eventually. which should I use for my external hosted DNS and which should I do for my internal DNS? CNAME or create a new A record with the new name and point the existing A record to the new IP address of the new website?
0
Understanding Web Applications
Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

Hi guys,

I want to create a rule in IIS (server 2012/2016) that would redirect the full url from http version to https while preserving the full url.

To give you an example, let's say I have 2 domain names: domain1.com and domain2.com. I want to set up a rule that would redirect to an HTTPS version of domain2.com while preserving anything else user typed after the main domain bit.
So the rule would do this:
http://domain1.com redirects to https://domain2.com
http://domain1.com/help redirects to https://domain2.com/help
http://www.domain1.com redirects to https://domain2.com
http://www.domain1.com/help redirects to https://domain2.com/help
http://domain2.com redirects to https://domain2.com
http://domain2.com/services redirects to https://domain2.com/services
http://www.domain2.com redirects to https://domain2.com
http://www.domain2.com/help redirects to https://domain2.com/help

I know how to set up a standard redirect from HTTP to HTTPS but it redirects to the HTTPS version of domain while losing anything user typed after the main domain for example: http://domain1.com/help redirects to https://domain2.com (removes /help bit, while i want to preserve it)

The existing rule is:

<rule name="HTTP to HTTPS" stopProcessing="true">
<match url="(.*)" />
<conditions>
<add input="{HTTPS}" pattern="^OFF$" />
</conditions>
<action type="Redirect" url="https://domain2.com/{R:1}" redirectType="Permanent" />
</rule>

Hope this makes sense and thanks very much…
0
is there an easy way in IIS to identify the local web root folder (e.g. c:\,.,) for each site/application?
0
Hi guys

So we have a slight issue. We are unable to get to two particular websites on HTTPS. Their Australian and New Zealand domains are what we can't get to from our internal network. We can get to the HTTP sites, just not their HTTPS.

However, if we use our guest-wifi we can get to the HTTPS. If we use our mobile phones we can get to it.

Our firewall is permitting the traffic out. So I took a snapshot and we get to a HTTP BAD REQUEST and at the bottom it says something about 'nginx', which proves we are hitting some sort of proxy/web server at their end. I assume they have some sort of load balancers or web proxy causing an issue?

Thanks for helping
Yashy
http-request.jpg
0
I need a web service to remain secret and would use CloudFare or a similar technology to prevent DDoS attacks. Aside from DDoS, what other types of attacks are possible?

I assume my web service domain would be totally hidden, but need to be sure there is no other known threat to it.

Thanks
0
We want to do an audit of some web servers (all of which run IIS) to ensure no sensitive information is vulnerable to unauthorised disclosure. I have read some articles claiming often web admins leave backup copies of sites in an area of the web server which may be accessible. And also have read that web.config files can often contain credentials.

Are there any other common types of security sensitive files which may be accessible on a web server from your experience? And also – is there a way to limit which areas of a web server you review/run keyword searches on from the backend OS.  Would it just be anything within 'wwwroot' per site? Or is that quite a simplistic view? And is there a default location for wwwroot per site, or an easy way to identify where the wwwroot per site resides from within IIS?
0
Hi,

I want to rewrite an entire directory using htaccess

Examples of original legacy URLs
website.com/app/group/index.php?group=id
website.com/app/group/settings.php?group=id
website.com/app/group/tasks/index.php?group=id
website.com/app/group/tasks/task.php?group=id&task=taskId
website.com/app/group/members/member.php?group=id&member=memberId
....

Open in new window



The new urls would be and rewrote to the original urls
website.com/app/group/id/ //with or without trailing slash
website.com/app/group/id/settings //settings file -> only get param is the group id
website.com/app/group/id/tasks/index.php //Tasks directory
website.com/app/group/id/tasks/task.php?task=taskId //Or website.com/app/group/id/tasks/task.php/taskId
website.com/app/group/id/members/member.php?member=memberId //OR website.com/app/group/id/members/member.php/memberId

Open in new window


There are about 10 -12 directories within the parent directory of "group"

I have successfully created a rewrite condition to accept
website.com/app/group/id/


using the following condition
RewriteCond %{REQUEST_URI} /app/group/
RewriteRule ^app/group/(\w+)/?$ /app/group/?group=$1 [L]

Open in new window


The problem becomes if i go to any other of the subdirectories within the parent directory of "group"

The group id ("group=id") will ALWAYS be needed with each page

Do i need to create a rewrite rule for each sub-directory?
Is there a way to extract only the group id and leave the remaining url intact (ex: website.com/app/group/id/tasks/task.php?task=5)?
0
how does the htaccess rewrite reg ex work

i have the following urls/l
www.website.com/app/team/teamId/page
www.website.com/app/team/teamId/directory/index
www.website.com/app/team/teamId/directory/page/queryId

Open in new window


The actual URLs
www.website.com/app/team/index?team=teamId
www.website.com/app/team/directory/index?team=teamId
www.website.com/app/team/directory/page?query=queryId&team=teamId

Open in new window


I have created rewrite rules based on what ive found on the interweb but i dont understand them nor do i know how to order them or if i need to create a separate expression for each of the scenarios

RewriteCond %{REQUEST_URI} /app/group/
RewriteRule ^app/group/(\w+)/(\w+)/(.*)/+? app/group/$2/$3?team=$1&$3=$4 [L]
RewriteRule ^app/group/(\w+)/?$ /app/group/?team=$1 [L]

Open in new window


i have had limited success with the rules and need more clarification on what the $1 etc are matching too as id perfer to write one rule instead of 10
0
In our business DLL, we have some variables declared as "Public Shared". This DLL is used by our website.

After a user logs into our site, Session vars hold the login info. (Nothing in Application vars as those would be shared across users, which we don't want.) Every time the user hits the DB, it connects with that info, setting the DLL's "Public Shared" variables to certain values and using them during that quick connection.

It's been fine for years.

Now suddenly, we're having incredibly rare occasions where one user is in the midst of a process, another user kicks off a process, and when that user sets those DLL "Public Shared" variables, the first user finds those values changed. For instance...

User 1 starts connection and process, setting MyDLL.Var1 = "A"
User 2 starts connection and process, setting MyDLL.Var1 = "B"
User 1 process is ending, but finds MyDLL.Var1 = "B"

I verified it by making a long dummy process. It seems odd to me that a DLL on the site would share these values across all the users logging into the website... but apparently that's how it works. (I was only ever concerned about Application variables -- not variables tucked away deep inside a DLL that I never coded.)

Since it's been fine for years, my guess is we recently created longer processes. So what's the solution? We have 50+ "Public Shared" variables that need to remain declared that way because they are used in other apps, including solutions with multiple projects -- so we …
0
Hi

We normally install our web application on AWS. It has 1x AWS Elastic Load Balancer and 3x Windows Web Servers. We use the Load Balancer (obviously) to spread traffic across the 3 web servers.

A new client wants to install our web application on their own VMWare environment. They say that they don't have any virtual/physical load balancers.

We don't have much experience of VMWare.

Does it have a virtual load balancer as part of the default environment or do they need to purchase something?

Thanks.
0
Survive A High-Traffic Event with Percona
LVL 3
Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

I know how to program in C, C++, Java and Python, but I do not know how to design an application to be used by multiple users (single threaded serial or multithreaded). Any suggestion as to how t begin my search?  Could any one recommend any books or web sites?

Thanks
0
Is it possible to block a state via htacess?  Hypothetical, I am not allowed to business in CA so I want to block the state of CA?
Are there instructions on how to block all countries except the USA via htaccess?
0
I created an htaccess file in my directory for pma.fivetier.com with the following:

order deny,allow
deny from all
allow from xx.xxx.xxx.xx

Open in new window


When trying to visit from my IP I get a testing 123... page if you visit link above you will see.   If I remove the .htaccess file I have full access again without any problem.  What am I doing wrong?  Do I need to use ipv6 address or something?
0
One of our 2012R2 IIS web servers starting having a weird issue with port exhaustion resulting in an error 'Tcpip 4231'.  All of the outgoing ports are in use.  This was a brand new server, not serving any pages, but we monitor the availability.  We assumed it was related to a Windows update and began looking in to the issue; but then another server which hasn't had updates since April 2017 started having the same issue.

When I ran netstat, lo and behold every port in the range was in use by IIS.  It looks like there were ~120 inbound connections but the full port range was in use.  I was able to work around it temporarily by extending the range from 10000 - 65535 but this is a temporary fix.

So far as I can tell, no Windows 2008R2 IIS servers have become problematic.  

I'll post more info as I have more detail, but if anyone has run across this before it would be helpful.

Thanks in advance!
0
trying to help a friend finding out the info...

is there any good and reliable web hosting companies to be recommended that based in China?

my friend needs to deploy a website in China province (the website must be hosted in China), preferably in Windows platform.

tks
0
Hi Experts!

I'm wondering about the following scenario, in terms of security:

A high traffic website (www.site.com or site.com) with some other subdomains running Apache/PHP on top of Linux, the website is using cookies to store user's data, the cookie's header states "domain=.site.com", so its a wildcard, cookies are encrypted and over https.  Twenty (20) other sites are "hosted" on the same "site.com" using their own subdomain "blog1.site.com, blog2.site.com, etc). These hosted subdomains are a basic CNAME at the DNS level pointing to a FQDN hosted somewhere else.

Given the above scenario, in specific, would one of those 20 subdomains be able to view/read/alter Cookies from the main website (www.site.com or site.com) or one of its subdomains (me.site.com, app.site.com, my.site.com, etc) ?

What are the security risks in place? Are there techniques or best practices for dealing with such scenario, wanting to exclude a list of subdomains from accessing unprivileged cookies? Anything else I should be aware?

If you can share some knowledge I would appreciate, thank you!!
0
I had this question after viewing How Can You Update an Activated Quote.

quote is in inprogress i need to change to open state and update a field and need to change status. i did the same getting error. Can you explain how you achieved.
0
Our web servers are hosted on a 3rd party network (which our network is directly tied to). Meaning we can get to our servers at the 3rd party like we would servers sitting in our building.

Anyway, we have a load balancer and 2 web servers (let's call then ws1 and ws2).

All of our websites (www.oursite.com), obviously, goes through the LB and directs the traffic to either WS1 or WS2. If we want to bypass the load balancer, we can go to ws1.oursite.com or ws2.oursite.com.

So, here's the problem.

From internally only, if I try to go to www.oursite.com, the sites don't load. They  just spin and spin and spin. We're seeing some of the HTML come back, but it doesn't serve up the whole page.

If I go to ws1.oursite.com or ws2.oursite.com, everything loads as it should. Again, this is only happening internally...external users are not seeing any issues.

I'm not 100% convinced it's the Load Balancer causing the issue, but it sure seems that way since the LB receives the request and then sends the content back to the browser.

We are all really stumped here. Short of rebooting the Load Balancer, does any one have any insights or ideas? Thanks in advance!
0
I have a Centos Linux 7.0 Server, with Plesk Panel 12.5 running on it, I have ssh access on the server, and i can assign ssh access to the users thur the Plesk Panel. I am not sure if i have FTp server software running on the system. How to determine this, and how the upload a secure ftp server on the system. Please help
0
Free Tool: Site Down Detector
LVL 10
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

What exactly is the difference between a Web Framework, Web Server vs Javascript Frameworks?
0
Hello experts I'm trying to find some information on a website we have.  its address is https://csg.abc.com  Whats does the CSG represent?
I'm guessing it has something to do with Certificates?
0
Hi, I have a problem with my website(dealclik.us) pinging and loading webpages, this website is loading properly but except for one customer it is redirecting to xyz.xyz

I have talked to hosting providers, they are not able to fix this as they could not see any problem with the website. Please help me in fixing this. I asked that particular customer to restart their router, they have a static IP, they restarted the router but the issue is not fixed, how to fix this? please help!!

Thanks in advance.
0
I don't know when I apply for amazon job they reject my application i don't know why
0
Hello,

I had tomcat configured to redirect any requests to HTTP to redirect to HTTPS. This was functioning well until we had to do a DR restore of the DEV application. Now, HTTP does not redirect, but HTTPS works fine. I have compared the web.xml and server.xml configurations between our DEV and PROD installations, and found no differences. Below are the sanitized versions of the config:

Server.XML
<Connector port="80"
                   maxThreads="150"
                   minSpareThreads="25"
                   connectionTimeout="20000"
                   enableLookups="false"
                   maxHttpHeaderSize="8192"
                   protocol="HTTP/1.1"
                   useBodyEncodingForURI="true"
                   redirectPort="443"
                   acceptCount="100"
                   disableUploadTimeout="true"
                   bindOnInit="false"/>


<Connector port="443"
				   maxHttpHeaderSize="8192"
				   maxThreads="150"
				   minSpareThreads="25"
				   maxSpareThreads="75"
				   enableLookups="false"
				   disableUploadTimeout="true"
				   acceptCount="100"
				   scheme="https"
				   secure="true"
				   SSLEnabled="true"
				   clientAuth="false"
				   sslProtocol="TLS"
				   keyAlias="DEV_ALIAS"
				   keystoreFile="L:\ocation\to\keystore.jks"
				   keystorePass="supersecretkey"/>

Open in new window



Web.XML (this code is entered after all of the servlet-mapping, and before filter-mapping)
security-constraint>
<web-resource-collection>
<web-resource-name>Entire Application</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>

Open in new window



Any idea why this might be failing?
0
AuthType Basic
AuthName "Auth Required"
AuthUserFile C:/xampp/apache/bin/passwordfile
Require valid-user
# allow public access to the following resources
SetEnvIf Request_URI "(path/to/directory/)$" allow
SetEnvIf Request_URI "(C:/xampp/htdocs/TickTock_int/results_invoices_IDsel_Client.php\.php)$"  allow
SetEnvIf Request_URI "(util)$"  allow
Order allow,deny
Allow from env=allow
Allow from ::1
Satisfy any

Open in new window


I am trying to allow access through my xampp .htaccess file to the referenced php page above
Problem is the .htaccess is still active when I access this page externally
0

Web Servers

32K

Solutions

21K

Contributors

A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.