IIS8.5: Reactivate inheritance of authentication section
Hello,on our Windows 2012 R2 / IIS 8.5 servers I've changed via IIS console the username for anonymous Authentication from "IUSR" to "application pool identity" on 1 website to test the impact.After...
View Article401.2 Error Windows Authentication
I have an intranet site deployed to IIS in Windows Server 2008r2.I would like to use AD authentication. Currently, the site is only running on my development VM which is NOT joined to the a...
View ArticleClik here to view.
How do I allow Forms Authentication on services stored in IIS and invoked...
Using four stub services defined for Forms Authentication, I have been trying to get the authentication working across multiple services on IIS 7.0 when invoked through a Web Application or SharePoint....
View Articlehow to set IP filtering under iis7 with C# code
i found someone registered our web site with script yesterday.20,000 register record in our db with the same ip addressi know how to filtering ip under iis with ui but i want to listening record...
View ArticleAsp.net Upload File ( FileUpload1.SaveAs) "Access to the path denied"
Have a page that was working in IIS 6. Upgraded from IIS 6 to IIS 8.5 and now this doesn't work. Using .Net V4.0Uploading file from web #2 to a different web #1. The document goes into a file...
View ArticlePermissions Needed for IIS Manager
What are the minimum permissions needed to open IIS Manager on IIS 7.5? I need to be able to manage several web site. I've always had local admin rights on a server but a change in policy is giving...
View ArticleIIS Client Certificate Mapping Authentication
Hi All,I am trying to get a better understanding of how IIS Client Certificate mapping authentication works in the runtime. While adding oneToOneMappings, we map a client certificate to User account....
View ArticleSecure and HTTPOnly Flag Query
Hi all,I have a web application which uses Apache Tomcat version 7.0.55. Our application security team recently scanned the application for vulnerabilities and recommended that we needed to:1. Ensure...
View ArticleDisabling Unnecessary Methods
Hi all,our app scanning team have informed us that we must disable all unnecessary methods within our application's config. e.g. PUT and DELETE.We have tried to resolve this within the Tomcat config.In...
View ArticleWCF Error :- The HTTP request was forbidden with client authentication scheme...
Hi I have hosted a WCF Service on my Server it's give me Error The HTTP request was forbidden with client authentication scheme 'Anonymous'.at my localhost everything is working fine. Even if i call...
View ArticleIIS7 - Authenticating with External LDAP server
hi, we have an ASP application running on IIS7 and the hosting machine is not part of our domain. we want to authenticate user through LDAP server ( Microsoft AD ) using LDAP protocol and not through...
View ArticleAsp.net page can not displayed when page post backs and Request come to...
Hiwhen asp.net page post backs after selecting drop down value , some times page can not displayed message appears and page not loaded.user request come to Asp.net server through F5 load balancer. TCP...
View ArticleMix anonymous and basic autentication
Hi!I run IIS 7 in whs2011. I have simple web-site.I have Mysite and under it I have sub-sites. Mysite has "menupage" and it has links to sub-sites. I want possibility for all users to see Mysite and...
View ArticleAuthentication using username and password in SOAP header
Hi,Is there a way to authenticate the WCF request using the username and password in the SOAP header using out-of-the-box IIS functionality, without any custom HTTP handler or custom...
View ArticleUsing Dynamic IP Restrictions...
Hi all, is there a way to find out which IP addresses have been blocked/restricted when using Dynamic IP Restrictions..? is there an event log entry or log entry when that happens..? Thank you
View ArticleOWIN Auth Startup not firing in IIS
I have created a simple Web API in Visual Studio 2015 and installed and configured it to use Microsoft.Owin security. When running the app from VS using the default IIS Express, everything works fine,...
View ArticlePass security sensitive data from one IIS application to another IIS application
Hi There is a need to pass security sensitive data like authentication details (username/password) to another IIS application may or may not be hosted on same IIS server.We would like to explore ways...
View Articlehow to set directory permissions of windows server 2012 so Visual Basic 2015...
I have a VB.NET windows app that reads incoming SMTP email files from c:\inetpub\mailroot\Drop\ and then moves them renamed to c:\primary\ . I’ve set Windows file permissions of both directories...
View Articleoffical document on IIS windows authentication
Hi,I'm having an environment which is using IIS 8.5 windows authentication. (server 2012 enterprise)I do like to check and look for official notice or document on the following infrastructure setupis...
View ArticleHow do you disable DES-CBC3-SHA with Windows 2008r2?
I have been trying to block the ability to connect via DES-CBC3-SHA (168)Currently i have reg keys for DES 56/56 , DES 168/168, Triple DES 168/168 all with keys of Enabled Dword 0 Howerver (and this is...
View Article