This question already has answers here: How do I deal with a compromised server? (13 answers) Closed 1 year ago. I have a Windows Server 2019 VPS for hosting websites. It has all the latest updates. But somehow there is a (partial) hacking attempt. I first noticed it by the SMS I got for high … Read more
I have the following issue with a Web Site deployed within IIS: The web site uses Windows Authentication only and the domain controller serving the application is not stable. Due to configuration issues (no redundant DC configured), the application fails to authenticate the users (401). Any trials for redirection at web.config (e.g. customErrors with redirect) … Read more
I have create Root CA and Server Certificate following didierstevens blog. My browsers still trusts the certificate even after revoking the server certificate. I was getting certificate revoked error message for my old CA and certificate. I followed same blog for creating new CA and cert but it is not working now. I have hosted … Read more
I have Win Server 2016 with IIS, all updates applied as of this date. During updates to the sites running there, I put an app_offline.htm file in the app folder to bring the app pool down. For a single specific app, putting the file there won’t stop the application. I need to open task manager, … Read more
I’ve (our tiny group) been using the naked domain for Active Directory for quite a while now, at the beginning we knew it wouldn’t be available for other uses without heavy setup. At the time it seemed like no big deal as you can use the www. subdomain anyway, but, now seeing it in the … Read more
I have a IIS 10.0 server that everything is working fine, with one issue. Any .pdf file returns 404. I know permissions are correct as all the image files in the same folder are working fine. The PDF mime type exists in both the IIS root and the site and there is no Request filtering … Read more
I have installed three HTTP servers (IIS, Glassfish4 and Apache2.2) on a single windows-OS-based VPS. And I have three domain names (www.mysampleglass-domain.com www.mysampleapach-domain.org and www.mysampleiis-domain.net) which point to my VPS IP (as DNS A zone) Actually, IIS is the main server and is responsible for listening to http request on port 80. At present, all … Read more
I inherited maintaining a 2012 server. The certificate for our websites expired, so i installed a new one. It is still as if it is using the old one. We have many websites all on different ports. If I go to the bindings, they all have the new cert selected and it does not expire … Read more
Following Microsofts instructions for Enforcing HTTPS in ASP.NET Core and IIS 10 at https://docs.microsoft.com/en-us/aspnet/core/security/enforcing-ssl?view=aspnetcore-2.1&tabs=visual-studio The recommended changes do not appear to have an affect on redirecting http:// navigation to https:// for my site. I see a lot of blog posts reference modifying the web.config file with the rewrite rules. Changing the web.config file is not … Read more
I am using Windows Server 2016 with IIS 10.0 and I have configured a website in IIS Server Manager which binds to port 9999 and should listen to all IP addresses. netstat -an | findstr 9999 shows the following which looks fine to me (ABHÖREN means LISTENING): TCP 0.0.0.0:9999 0.0.0.0:0 ABHÖREN I can establish a … Read more
