How to protect My SQL database on the server from various malware injections?
How to protect My SQL Database
Error 401.2 while using a proxy server and Windows Authentication
I am using a proxy server to go from one domain to another. I see that I can reach the endpoint but I am getting the above error. I kinda understand that the proxy server while navigating to the endpoint is not providing any credentials and the backend is configured for Windows Authentication. Do I need to provide user credentials and how?
Thanks
ULScan module vs Request Filtering
Guys, inherited a rather large IIS 7.5 farm with URL Scan in use instead of request filtering., I am wondering why this might be ? My understanding was that request filtering had superseded URLScan. The only use for URLScan these days seems to be if:
- You wish URLs that are filtered to be logged to a separate file. (equest filtering uses the IIS site file and this cannot be changed it seems)
- You wish to allow someone without access to the IIS console access to the URLScan.ini file for config (seems unlikely!)
Any thoughts or any other differences that might make a case for using URL scan still?
IIS 7 Application - Not accepting Windows Authentication from remote machine
Hi there, I need your help.
So I've set up a virtual directory and application ASPNET C# available over HTTP using the Default Website.
Whenever i try to access the directly using my domain name it works, but whenever I try using my ip address from the very same machine it keeps asking me for authentication and reports a 401.1 if I cancel:
HTTP Error 401.1 - Unauthorized You do not have permission to view this directory or page using the credentials that you supplied. Module WindowsAuthenticationModule Notification AuthenticateRequest Handler ExtensionlessUrlHandler-Integrated-4.0 Error Code 0xc000006d
How to do resolve this ?
Thanks in advance for any help
content security policy frame ancestors
Does any know if there are a maximum number of url's you can put in in content security policy frame ancestors ' self' < source> <source> i have third parties connecting to my API but are getting violations errors. when their web site is white listed in frame ancestors. the list is long and their site is is listed in my policy after the last one that shows up on the violations list? a much larger client is not having any issues with their url's that are after the new client. so i m wondering if there a max number of of sites in the config?
IIS URL Redirect + F5 Offload
Hi, I am confused regarding IIS HTTP to HTTPS URL redirect + F5 SSL Offloading.
Currently... I have a website on IIS that I am redirecting from HTTP to HTTPS using URL Rewrite module and at the same time also using F5 to Offload same website from port 80 to port 443. Website works fine using server link or the F5 link.
I am wondering why is F5 getting a response on port 80 from IIS when the redirect is enabled? F5 is not set to accept response on 443 from this IIS server as that is not configured.
Thanks,
Bilal
Problem Overlapping Users Sessions
Hello all
I have a very strange problem
I have a website that works for years well on Windows Server 2008 and IIS7
You have moved the website to another server running Windows Server 2012 and IIS8.5
After the Running.. Surprises overlap in the sessions of users meaning:
When userA Login find other User profile .
I have moved all the settings from the old server to the new Server but Same problem .
What I Do , What I check?
Please Help
IIS Windows Authentication : User of some domains in LDAP domain can't connect ( Invalid credentials ) , even if they part of Administrators Users
Hello guys ,
I'm facing issues when connecting a certain user for certain in our LDAP/ Active directory domain .
What I want is to deny access to my websites for all users except some belonging to certain domain .
To proceed , I have added the users domains to Administrators group or the specific user but it is not working . ( It is a bad practice but I want to force a little bit in order to understand it quickly
Note that that the user can't connect to the windows server as normal user via Remote Desktop Connection also I don't know why
1)My basic question is : It is mandatory that in order to perform an Windows Authentication via IIS , an user should have the right to connect to the windows server itself ( via RDP or whatever )
IP Address and Domain Restrictions - Missing Enable Proxy Mode
Hi,
I am running IIS7 on windows 2008r2 sitting behind a load balancer. I have installed "IP Address and Domain Restrictions".
However when I "Edit Feature Settings" at domain (or even server level) I do not have the tick boxes to "Enable Proxy Mode" as I need to be able to restrict IPs based on the "x-forwarded-for" header.
All I have is
Access for unspecified Clients: (Drop Down)
Enable domain name restrictions (Check Box)
Do I need to enable this some where else before it shows?
IIS reveals its real or internal IP address
I'm basically trying to make IIS not bring back the internal IP from HTTP 1.0 request as demonstrated here.
https://blog.rohitl.com/2014/08/internet-information-servicesiis.html
My question is /alternatehostname seems to always be FQDN. What do you do with a website that is not on a domain and has multiple public addresses like webmail.domainname.com, activesync.domainname.com, etc..? Do you run the appcmd.exe set config /alternateHostName: multiple times?
Windows authentication problem only on domain controller
Hi,
I have two computer with windows server 2019, one as standard workstation and the other as domain controller. My web site work as expected in my development workstation, but when i transfer the exact same web site to server, my authentication didn't seems to work. I receive the authentication box, but that box didn't want to accept my credential.
So the only difference is that my web site is host on domain controller.
I am using Windows Authentication in IIS.
Any idea?
Thankx
How to support .net applications work properly with TLS 1.2 Protocol?
I have a .net application (.NetFrameWork 3.5) deployed in windows server 2012 R2 and its application pool running under .Net CLR V2.0. This application consuming WCF Service that will get some data from the database.
In Windows Server when I disable TLS 1.0, TLS 1.1 Protocols and I enable TLS 1.2 this WCF service has not worked, for this WCF service work properly in server what will be new changes should I implement?
Windows Authentication: WebResource.axd 401 2 5 0
We have an asp.net intranet website (.Net Framework 4.7.2) that uses Windows Authentication on a Server 2016 server. An alias "midasuat" was created for the server and it was added to the site as a Site Binding;
Type: http Host Name: blank Port: 85
Type: http Host Name: midasuat Port: 80
When we access the site anywhere from our network, it works just fine. The users are automatically authenticated and are not prompted for their credentials.
As soon as we point the alias to a load balancer using https which in turn redirects traffic to our http site, all heck breaks loose. The user is authenticated, but the site starts prompting users for their credentials multiple times in each site page as it tries to access its resources (images, etc.). Reviewing the IIS logs, it appears that the user id is missing whenever the log item has a 401 and contains the user id when the log item has a 200. What would cause the user id to be missing on the 401 item records? For example,
2019-09-26 13:59:49 10.223.9.162 GET /WebResource.axd d=JkAB5ka8negpT8ybXEQZMXxXI9mJWpZWmTkEkbVZKeZS16GTozxIRs469PerGU9KNENukSCIt4T3de2k-mfoqglRegUjKAtpRzZSb47vMohrCg1scSa6bDZuAqEyj2CHJ4ivP3z6y-gKMxyiqY8BMg2&t=635918956660000000 85- 10.223.7.27 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/77.0.3865.90+Safari/537.36 https://midasuat.company.com/Default.aspx 401 1 2148074248 0
2019-09-26 13:59:49 10.223.9.162 GET /WebResource.axd d=b8adWYak0tImLef4A3fc9VL8hsWyhp8x_X-Sv_mxjx9SgprVPmtmNrBh5mzsC_dOstvN1diFs3YXDKg6hYJqiFV_BkYSjpInbOH15qNFyLksqiHpzwNbq7jrOarxSpaLxB9wocMYNgiG-e2_hp56sA2&t=635918956660000000 85Company\userID 10.223.7.27 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/77.0.3865.90+Safari/537.36 https://midasuat.company.com/Default.aspx 200 0 0 0
Any and all assistance is greatly appreciated. Thank you.
Barcelona vs Inter Watch Online
https://francevs-usa.com/barcelonavsinter/
https://francevs-usa.com/chelseavslille/
https://francevs-usa.com/liverpoolvssalzburg/
https://francevs-usa.com/barcelonavsinter-live/
https://newzealandvs-canada.com/barcelonavsinter-live/
https://newzealandvs-canada.com/liverpoolvssalzburg-live/
https://usavs-france.com/barcelonavsintermilan/
https://usavs-france.com/barcelonavsintermilan-live/
Georgia vs Fiji Tv Channel
https://georgiavsfiji.com/
https://georgiavsfiji.com/live/
https://georgiavsfiji.com/stream/
https://georgiavsfiji.com/reddit/
https://georgiavsfiji.com/fijivsgeorgia/
https://georgiavsfiji.com/fijivsgeorgiastream/
Ireland vs Russia Tv Coverage
https://irelandvs-russia.com/
https://irelandvs-russia.com/live/
https://irelandvs-russia.com/stream/
https://irelandvs-russia.com/reddit/
https://irelandvs-russia.com/russiavsireland/
https://irelandvs-russia.com/russiavsireland-live/
https://irelandvs-russia.com/rugby/
site bindings sharing SSL cert
Good afternoon,
I have a 2016 server that is hosting a ton of sites.
One of the sites have multiple site bindings with each its own SSL certificate.
But 3 of these sitebindings will always share the same certificate. If I change one bindings certificate. The other 2 are also automatically changed to the new certificate.
If I add a new binding this binding will also share that same certificate. And changing its cert will also change it for the other bindings.
Every binding needs its own certificate
Thank you in advance for your time
Setting permissions with no risk?
Hi all
I have been seaching for days and hours to find an answer that I can understand without getting confused :D
My sites are running perfectly and no errors but however, i'm a little worried about the security on each site.
Im really getting confused about all the informations about IIS_IUSRS and IUSR and its security.
I think its because of my bad english lol :)
I will try to explain the best way I can:
One of my sites need to have several of folder read- and writeable so I gave the IUSR all right except Full control, otherwise the installer wan't run and get alot of warnings about folders not writeable!
Then I gave IIS_IUSRS_machinename list only.
The site is now running with no problem except a curl problem I write in another post.
But im worried about the security now that the IUSR has all these rights and all visitors can upload/hack ect..?
Should I be worried or is there anything else I should do?
Thanks in advance
Setting folder access on IIS 7.5
Hello,
I kindly ask for your help.
Under Default Web Site there is a folder named "Monitoring". So the web address is "server.domain.com\monitoring".
I would like to restrict access to only this folder (and its content), that only domain group called "SG_Monitoring" has access to it.
What settings i need to change? Shall I change settings under Authentication settings, or do u recommend disable access on NTFS level? (remove IIS_IUSRS) ..
I dont want to change Default Web Site settings, unless its necessary.
Bonus but not required.. In case of disabled access due to lack of membership of SG_Monitoring group, there should load custom webpage instead of generic "you dont have permissions to view this page".
Regards
IIS File Upload_issue
Hi Guys,
I've developed a python web application for uploading files which is working fine in local system. In our office environment, we have a windows remote server where we use IIS to create a site and deploy it. So we can access that webpage in our local environment.
The issue is when i upload a file from my local environment, im getting below error
File not uploaded 400 Bad Request: The browser (or proxy) sent a request that this server could not understand.
I'm trying for the past 2 days to fix this but no luck. Could you guys help to fix this issue.
Do i need to change add anything in web.config file (or) any permissions related ?
Regards,
Vinoth