Changing IIS user breaks Chrome
In order to make use of a command-line SSH utility, we switched the user of our IIS application pool to a user which has access to it. I am not sure why the NETWORK SERVICE user or the AppPoolIdentity...
View ArticleIIS 7 Application Pool Identity
My MVC 4 web application is hosted on IIS 7 in windows server-1, and my database is in windows server-2. In my code, the application reads the User PC's domain account and logs in the user if the...
View ArticleCould not create SSL/TLS secure channel
Hi all,We have some code that does a post to a https address using HttpWebResponse. It works fine on server 2003 with iis 5.x or whatever, but when we try to run it on 2008 with IIS7, it gives us the...
View ArticleCreating an outside domain UNC path based webapp results in error
Hi there,I try to create a webapp in IIS7 in my virtual machine with a folder path that is hosted by my host. Host and guest are not part of the same domain.When I test the connection in the "Basic...
View ArticleForce IIS to ask for credentials
I had managed IIS to correctly ask for NTLM credentials while accessing it from localhost and local network.However, IIS still doesn't ask for credentials while accessed from remote network, aka...
View ArticleDefault Web Page Provides Information
One of our audit findings was: Default web page provides information. This is iis 7. On previous versions of iis, we would edit default.htm with something like "access denied" verbiage. I cannot...
View Articleconfiguring IIS remotely
I am adding SMTP aliases using C# programs with the following command.DirectoryEntry entry = new DirectoryEntry("IIS://LOCALHOST/SMTPSVC/1"); When I run it from the server where IIS is running...
View ArticlePermissions on C drive (C:\) with shared hosting an IIS
I've ran into a conundrum tryign to confiugre permissions for shared hosting on a web server running IIS. All of the sites serve content from a file share. Each site runs with the application pool user...
View ArticleTrustwave Penetration Scans
Has anyone experienced a failure notification from penetration scan testing of your Intrusion Prevention / Protection System? We are properly patched via MS 10-04 0 and MS 10-06 5, however the testing...
View Articleread only access to remote desktop users on IIS
Hi,I am I a situation where I need to see each configuration set for website, virtual directories, application pool at client production servers both 2003 (IIS 6) and 2008 (IIS 7) to replicate in our...
View ArticleCOMException (0x80004005): PowerPoint could not open the file on IIS7 server
<div>I created a web application and trying to open/read power point presentation using c#, 64 bit Os, windows 7, IIS 7, .NET Framewor 4, Office 2010. When I run the application within .NET IDE...
View ArticlemaxAllowedContentLength IIS 8.5
I could not find references about IIS 8.5.I have a WCF service using "basic authentication", I can upload upto 400 mb files with ssl. I have a Certificate Authority and generate certs for clients....
View ArticleSSL Setup
I was trying to follow the instructions for setting up an SSL site at http://www.iis.net/learn/manage/configuring-security/how-to-set-up-ssl-on-iis but I am running Windows 2008 R2 Server and my IIS...
View ArticleWindows authentication with host headers - one user has access without...
There is a website on one of my test servers, which I didnt set up but im curious why one domain user can access the site WITHOUT getting prompted for their domain credentials / login. The site is...
View ArticleKerberos authentication failure
I have a problem, both on a customer's system and my own test system intended to reflect theirs, where access to a file on a website is being denied. The following is a summary of the set-up.There's a...
View ArticleRetrieving Computer Name of User
We have a network load balancing cluster of 2 servers.Environment is Windows Server 2008R2 and IIS7.There is a c# application that is attempting to retrieve the workstation of the user. The interesting...
View ArticleQuery on configiguration details in UrlScan
Hi,I am getting the vulnerability "remote code execution " after installation and configuration of UrlScan as per the recommendation.Would like to know if there is any other methodology / change for...
View ArticleURLScan installation
Hi, Is it recommended for installing URLScan 2.5 in 2003 Server or we can go for URLScan 3.1 . Regards
View ArticleClik here to view.
Removing http response headers
HiYes, its yet another response-header thread I've been looking at removing all the normal http response headers, and so far i haven't found that one great way of doing it.You all know them. asp.net...
View Article