HostForLIFE.eu was established to cater to an underserved market in the hosting industry; web hosting for customers who want excellent service. HostForLIFE.eu - a cheap, constant uptime, excellent customer service, quality, and also reliable hosting provider in advanced Windows and ASP.NET technology. HostForLIFE.eu proudly announces the availability of the ASP.NET Core 1.0 RC2 hosting in their entire servers environment.

In this article, I will explain about how to deploy nopcommerce in IIS. Those who don't know NopCommerce is open source free Online stores application(just like flipcart,ebay). It is built on ASP.NET MVC. There are many features in NopCommerce. NopCommerce also support wide range of plug-ins. You can create your own plug-ins also. You can found more details about nopcommerce at http://www.nopcommerce.com/

Deployment methods

You can Deploy NopCommerce in two way

• Tools provided by NopCommerce(*.bat)
• Using Visual studio.

First method is very easy to implement. Second method need some extra work.

It is always better idea to deploy production code in local IIS host before deploying it in live server. If your developing asp.net application in visual studio you will use IISExpress to run the application. Most of the time IISExpress may not show those error which will be shown by IIS. For example when i run the nopCommerce in visual studio it worked properly but when i deployed it in Local IIS i fond a unknown error "Could not load type 'System.ServiceModel.Activation.HttpModule......."

Deploying using NopCommerce tools

• Assuming you already download NopCommerce with Source(At the time of writing this post nopCommerce_2.80_Source.rar is the latest version). You can download NopCommerce with source at http://www.nopcommerce.com/downloads.aspx
• Extract nopCommerce_2.80_Source.rar at your desired location. I am using F:\DotNetProjects.
• The extracted folder contains below items.
  
  

• In that folder Prepare.bat, Deploy.bat are the deployment tool given by NopCommerce.
• First Run prepate.bat it will display bunch of text in command prompt and finally Build success message.
  

• Now Run Deploy.bat again it will show you bunch of text in command prompt and finally Build success message. If you observe a new folder called Deployable is created automatically. This is our production code we need to deploy in Live Server.
• Before we deploy it in live server we will deploy it in local IIS. Now Just go to you iis manager.
• Expand the items in your left sidebar. Right click on Default Web Site and select Add Application form the menu.
• Enter details. Physical path field must be point to your Deployable folder.
• Now open your broser and enter http://localhost/nop.
  
• If there is no error it will redirect you to http://localhost/nop/install folder where you need to enter details like admin email,password, db connection details and click install.
• If everything is ok NopCommerse Will install successfully.
  
  Error1:Could not load type 'System.ServiceModel.Activation.HttpModule' ... Problem Fix
  At step 10 in above process you may get this error.
  Could not load type 'System.ServiceModel.Activation.HttpModule' from assembly 'System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
  

• If you got this error you can resolve it by using simple tool "aspnet_regiis.exe".
  Just go to C:\Windows\Microsoft.NET\Framework64\v4.0.30319 (path may different for 32 bit pc)in your command prompt. Run the the tool like this. "aspnet_regiis.exe -iru" this will execute some command and the problem should fixed.

ERROR2:Setup failed: An error occurred while creating the database: CREATE DATABASE permission denied in database 'master'. error. fix
If you got this error there are different alternative you can fix this error. But I will explain most simple one only.

• Run NopCommerce.sln under nopCommerce extracted folder(Refer step 2).
• Run the NopCommerce Application (ctrl+f5). 3)It will prompt you to enter db details(refer step 11). Enter details as shown in step 11 and click install.
• This time you wont face any problem (as i told earlier at beginning).
• No go to F:\DotNetProjects\nopCommerce_2.80_Source\Presentation\Nop.Web\App_Data (may different in your pc) and copy InstalledPlugins.txt,Settings.txt to F:\DotNetProjects\nopCommerce_2.80_Source\Deployable\nop_2.80\App_Data(this is our Deployable folder)
• Now Go to http://localhost/nop.
  
  If it asked for db details enter exact details you entered before.
• Voila! you successfully installed NopCommerce.

Deploying nopCommerce using Visual Studio

• Go back to your to Visual studio where you open nopCommerce solution and build the solution.
• Right click on Nop.Web click publish.
• This will prompt you through publish web wizard  Enter details like Publish Method:File System,Physical path
• Now right click on Nop.Admin and publish with sub-directory as /Admin under same directory you selected in previous step.
• copy all files you found under /admin/bin to /bin.
• Now copy copy InstalledPlugins.txt,Settings.txt text to add_data folder(Just follow steps i explained in Errror2 section of this post).
• That's it everything is great now.
  

HostForLIFE.eu IIS 7.5 Hosting
HostForLIFE.eu is European Windows Hosting Provider which focuses on Windows Platform only. We deliver on-demand hosting solutions including Shared hosting, Reseller Hosting, Cloud Hosting, Dedicated Servers, and IT as a Service for companies of all sizes. We have customers from around the globe, spread across every continent. We serve the hosting needs of the business and professional, government and nonprofit, entertainment and personal use market segments.

Today I will show you, how to install IIS 7.5 a SMTP service and securing it.  Often the applications we deploy have a requirement to send alerts or messages to end users via system generated e-mails. If you have a mail server, such as Microsoft Exchange, installed in the same environment this usually handles this functionality for you. However, if the application is a standalone application which will deployed into an environment where no e-mail services exist, you will either need to implement a mail server which might be overkill if you are just going to be sending alerts and system generated messages, or create an SMTP service on the application server. A simple way to get this done is to install the SMTP server feature that is part of Windows Server 2008 R2 as well as every version of Windows Server before that. Once installed you would need to configure the SMTP service, test it and secure it. Below are the steps to follow:

Step 1 – Install the SMTP Service

Open Server Manager and go to ‘Add Features’ and Select ‘SMTP Server’. If you do not have IIS installed the server will prompt you to ‘Add Role Services and Features Required for SMTP Server’

Click ‘Next’ and the wizard will install the SMTP Server for you.

Step 2 – Set the SMTP Service to Automatic Start

By default Windows installs the service and sets it to manual start. If you restart the server at any time the SMTP service will not start automatically which will result in your application not being able to send any e-mail. Open the MMC Services Snap-In, Find the ‘Simple Mail Transfer Protocol (SMTP)’ Service and double-click it.

Set the ‘Start-Up Type’ to ‘Automatic’ Apply and close the window.

Step 3 – Open IIS 6.0 Manager

You will note on Windows Server 2008 (& R2) that it will install two IIS Managers. The SMTP server is managed through IIS 6.0 and not IIS 7.5.

Step 4 – Add a new Mail Domain

You now need to configure the mail domain. Expand the virtual folders on the left pane and then right-click on the centre pane. Select ‘New’ and ‘Domain…"’

Select the ‘Remote’ radio button and then click ‘Next’

Type your domain name in the text box provided and click on ‘Finish’. Do not add the @ symbol as per the example below.

Step 5 – Configure the New Domain

You now need to configure your new domain. Right-Click on the domain you have created and select ‘Properties’

Click on ‘Outbound Security’ and select your authentication type. In this example I am leaving the authentication to ‘Anonymous Access’ as I will lock down the server through limiting relay. Click ‘Ok’ and close all the domain windows.

Step 6 – Configure the SMTP Server

You now need to configure the SMTP Virtual Server. Right-click on the Virtual Server in the left pane and select ‘Properties’

Select the ‘Access’ Tab and Click on ‘Authentication’. Your Authentication at this level must match the authentication set at the domain level as per Step 5. In this example Anonymous Access is our preferred method.

Click on ‘Ok’ which will take you back to the previous window. Now click on ‘Relay’

An ‘Open Relay’ is the greatest risk to your SMTP server as it could be used by SPAMMERS to send their malware and other unsolicited mail. We are going to restrict this server to only accept mail and relay it for the localhost on which the application resides.
Ensure the Radio Button which states ‘Only the list below’ is selected. Untick the box which states ‘Allow all computers that successfully authenticate to relay, regardless of the list above’. Click on ‘Add’ and in the window provided type in the IP address of your server. Once done click ‘OK’.

Your ‘Relay Restrictions’ dialogue box should now look like the one below.

Click ‘Ok’. Your SMTP Server is now ready to send e-mail. You can click through the other configurations and change mail size limits and retry intervals etc. But by default the settings are good enough for this example.

Step 7 – Testing the SMTP Service

You can test the service using a Telnet session from the Command Line. Note that since Windows Server 2008 the Telnet Client is not part of the base install. You will need to install it using the ‘Add Features’ wizard as we did to install the SMTP Server in Step 1 above. If the server is situated behind a Firewall ensure that it will allow SMTP (TCP Port 25) outbound from your SMTP server.
Follow these steps as per http://support.microsoft.com/kb/153119
Open the Command Prompt and type ‘Telnet’ to start the Telnet client.
Type ‘set localecho’ hit enter and then type ‘open 127.0.0.1 25’ and hit Enter.

You will be presented with the SMTP Server Header.Now type ‘helo me’ note the single ‘l’ and hit Enter. The server will respond with Hello and the IP Address.
Now type ‘mail from:<yourname>@<yourdomain.com>’ and hit Enter. 
Now enter the address you want to send mail to by typing ‘rcpt to:<name>@<senddomain.com>.
Now type ‘Data’ and hit Enter.
Type ‘Subject:This is a test’ and hit Enter twice.
Type ‘Testing’ or anything else you want to send as body text and hit Enter.
type ‘.’ i.e. full stop and hit Enter.
Your mail should now be sent and should be received within standard e-mail timeframes.

HostForLIFE.eu IIS 7.5 Hosting
HostForLIFE.eu is European Windows Hosting Provider which focuses on Windows Platform only. We deliver on-demand hosting solutions including Shared hosting, Reseller Hosting, Cloud Hosting, Dedicated Servers, and IT as a Service for companies of all sizes. We have customers from around the globe, spread across every continent. We serve the hosting needs of the business and professional, government and nonprofit, entertainment and personal use market segments.

In this post, i will show you how to configuring ASP.NET and IIS request length for post data. One of the most infuriating things about IIS configuration in general is how the Request length is configured in IIS and ASP.NET. There are several places that control how much content you can send to the server and over the years this setting has changed in a number of ways. The places where it's configured is not super obvious and they can be fluid because some of these features are optionally installed IIS features.

So here are the two main places where the request length is set in IIS and ASP.NET:

• IIS Request Filtering

• HttpRuntime maxRequestLength

Let's start with the IIS level setting, which is also a relatively new setting. It's based around the Request Filtering module in IIS which is an optional IIS component, but that is a required component if you have ASP.NET installed on your server (at least in the latest versions). If you have ASP.NET enabled in IIS the Request Filtering module is also enabled and the following settings apply.

If you don't use ASP.NET you can still install Request Filtering, but it's an optional component. So if you only use ISAPI or CGI scripts and no ASP.NET content Request Filtering may not be enabled in which case the following settings cannot be set and aren't required. Since most people do run ASP.NET at least for some sites, for all intents and purposes we can assume that the Request Filtering module is installed on IIS.

So to configure the posted content size you can use the following web.config based configuration settings:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
     <security>
      <requestFiltering>
        <requestLimits maxAllowedContentLength="500000000"  />
      </requestFiltering>
    </security> 
   </system.webServer>
</configuration>

The maxAllowedContentLength determines the size of the POST buffer allowed in bytes. Above I've set the value to 500megs.

Or you can do the same thing in the IIS Management console using Request Filtering option in the IIS options:

As is usually the case you can apply the filtering at all levels of the IIS hierarchy – Machine, Site and Virtual/Application. Using web.config as shown above sets the settings at the Application level.

Because these are IIS settings, the value controls the IIS upload settings so they are applied against any and all requests that are fired against IIS, including ASP.NET, ASP, ISAPI extensions, CGI/FASTCGI executables, IISNodeJs requests and so on.

ASP.NET traditionally has had its own httpRuntime element in the <system.web> section that control ASP.NET runtime settings one of which is the maxRequestLength. This setting controls the ASP.NET pipeline's acceptance of file uploads and it needs to be configured in addition to the Request Filtering settings described above.

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.web>
    <httpRuntime maxRequestLength="500000000" executionTimeout="120" />
  </system.web>
</configuration>

You can also use the IIS Management Console and the Configuration Manager option, to view all of the options on the httpRuntime element:

What's interesting is that the settings you see here widely mirror the settings in the Request Filtering section, and they are not inherited. It's your responsibility to make sure the settings are set correctly in both places. I recommend that you take a minute and go through the values you care about and set them correctly in both places.

The above describes ASP.NET settings. If you're using another framework, like WCF you may end up with yet another different set of settings on the WCF bindings and Endpoints. Just be aware of the framework you're using and that it too might have specific filters to restrict request size.

HostForLIFE.eu IIS 8 Hosting

HostForLIFE.eu revolutionized hosting with Plesk Control Panel, a Web-based interface that provides customers with 24x7 access to their server and site configuration tools. Plesk completes requests in seconds. It is included free with each hosting account. Renowned for its comprehensive functionality - beyond other hosting control panels - and ease of use, Plesk Control Panel is available only to HostForLIFE's customers. They offer a highly redundant, carrier-class architecture, designed around the needs of shared hosting customers.

In this tutorial, I will show you how to install SSL certificate in IIS 8.0. To communicate securely over the web requires the use of encryption on the messages passed back and forth.  Encryption on the web is accomplised through the use of Transport Layer Security (TLS). Http traffic layered over SSL/TLS is called Https.  It would be all too easy to venture down the rabbit hole and explain in great detail how TLS establishes a secure connection, but the crypto minutia is likely a bit out of scope for the purposes of this discussion.  However, a basic understanding of the mechanisms used by TLS to secure the communication channel will make understanding the use of SSL certificates much easier.

TLS uses public key cryptography, which requires the distribution of a public key.  This public key is transmitted as part of an SSL certificate, along with other identifying information meant to establish trust that a server is who it is supposed to be (and not a malicious eavesdroper).  While it is possible to create self-signed certificates, browsers do not trust these certificates and will give users dire warning when they are encountered (this would be like me printing my own drivers license and saying "See, I am who I say I am... really!").  For a certificate to be trusted, it must be issued by a trusted Certificate Authority (CA).  When a secure connection is made using a trusted certificate, most browsers will display an indicator that the connection is secure.  In Chrome, clicking the green lock icon will reveal information regarding the details of the connection:

And this is what a self-signed certificate will get you:

So to fully take advantage of Https you need to have a certificate from a trusted CA (Symantec [GeoTrust, VeriSign], Comodo, GlobalSign, etc).  Getting a certificate involves first creating a Certificate Signing Request (CSR).  IIS has the capability of creating a CSR, and their are other tools available, including the linux command line using OpenSSL.  This is what it looks like in IIS:

You'll transmit the CSR in one form or another to the CA you are getting your certificate from, and after they've performed whatever level of due diligence they'll send you your SSL certificate.  Once you have the certificate, you'll need to install it on the server hosting your site.  For .NET based web applications, that likely means IIS or Azure.

• Installing SSL Certificate in IIS 8.0

In IIS Manager, under Server Certificates, there is an option for "Complete Certificate Request".  Here you'll browse to the *.cer file that contains your certificate, add a friendly name to make management easier it doesn't change anything in the certificate and add the certificate to the Personal certificate store.  This installs the certificate to the server.  To use it in your site, you have to bind it.  Navigate to the site settings in IIS, go to bindings, and add a binding for https using port 443 and the created certificate.

• Using Https in the application

Using the URL Rewrite rule described in the Azure SSL instruction involved adding this rule to the web.config file:

<system.webServer>
  <rewrite>
    <rules>
      <rule name="Force HTTPS" enabled="false">
        <match url="(.*)" ignoreCase="false"/>
      <conditions>
        <add input="{HTTPS}" pattern="off"/>
      </conditions>
        <action type="Redirect" url="https://{HTTP_HOST}/{R:1}"
                appendQueryString="true" redirectType="Permanent"/>
      </rule>
    </rules>
  </rewrite>
  </system.webServer>

In MVC, using the [RequireHttps] attribute gives fine grained control over what portions of the site will need to use https:

[RequireHttps]
public ActionResult About()
{
    ViewBag.Message = "Your application description page.";
 
    return View();
}

HostForLIFE.eu IIS 8 Hosting

HostForLIFE.eu revolutionized hosting with Plesk Control Panel, a Web-based interface that provides customers with 24x7 access to their server and site configuration tools. Plesk completes requests in seconds. It is included free with each hosting account. Renowned for its comprehensive functionality - beyond other hosting control panels - and ease of use, Plesk Control Panel is available only to HostForLIFE's customers. They offer a highly redundant, carrier-class architecture, designed around the needs of shared hosting customers.

Today I will discuss about how to install IIS on Windows 8. IIS or Internet Information Services or Internet Information Server is an HTTP web server that is used in Windows server operating system, from Windows NT 4.0 Server, Windows 2000 Server or Windows Server 2003. This service is an integrated service in Windows 2000 Server, Windows Server 2003 or as an add-on in Windows NT 4.0. This service serves as a support TCP / IP protocol that runs in the application layer (application layer). IIS also be the foundation of the Internet and Intranet Microsoft platform, which includes Microsoft Site Server, Microsoft Commercial Internet System and Microsoft BackOffice products more. Web Server can be run on Windows 8 and Windows Server 2012 and earlier versions of Windows.

The relationship between the Web Server and Internet Browser is a combination or existing computer networks around the world. Once physically connected, Protocol TCP / IP (networking protocol) that allows all computers can communicate with each other reply. By the time the browser requests a web page of data to the server the instruction data requests by the browser in containers in which a TCP transport protocol and sent to the reply address in this case is the next protocol is Hyper Text Transfer Protocol (HTTP). HTTP is the protocol in use on the World Wide Web (WWW) between computers that are connected in the network in the world. To recognize this protocol clearly is very easy once where every time you type http: // ... you have to use it, and bring you into the world of internet. Data that in passing from the browser to the Web server called the HTTP request which asks the web page and then the web server for data existing HTML and packed in TCP protocol and sent back to the browser. Data sent from the server to the browser called the HTTP response. If the data requested by a browser that can not be found by the Web server will meninbulkan error that often you see on the web page that is Error: 404 Page Not Found. It gives a taste of a process that is tridimensional, meaning that Internet users can read from one document to another simply by clicking a few sections of pages of documents (web) it. The process that starts from the demand webclient (browser), web server is received, processed, and process the results returned by a web server to a web client again carried out in a transparent manner. Each person can easily find out what happened to each process. In broad outline only web server to process all the input it received from its clients web.

How to Install Web Server (IIS) in Windows 8?

• Press the Windows key + W (Windows key and the letter w on a keyboard), then type features, and then click Turn Windows features on or off.

• Then click on the Internet Information Service (see picture below), and then click OK.



After the installation process Internet Information Services will run, wait for it to finish.

• After the installation of Internet Information Service is complete, press the Windows key and then type IIS in the search box, and then click Internet Information Services (IIS) Manager, as shown below.
  

• In Internet Information Services (IIS) Manager, click the arrow on the name of your computer> sites> then click Default Web Site, as shown below (4a). Then click the Basic Settings in the action pane to the right (4b).

• Here we will try to override the default physical path where the data of our website later. In this example I will create a folder called "mywebsite" on drive C :, then his path to C:\mywebsite, as in the image below. I click the "..." as in the picture, and navigate his path to the C:\mywebsite, and then click OK.
  



To perform the test helloworld create a file called index.htm in the folder C:\mywebsite. Then type localhost in your browser.

HostForLIFE.eu IIS 8.5 Hosting
HostForLIFE.eu revolutionized hosting with Plesk Control Panel, a Web-based interface that provides customers with 24x7 access to their server and site configuration tools. Plesk completes requests in seconds. It is included free with each hosting account. Renowned for its comprehensive functionality - beyond other hosting control panels - and ease of use, Plesk Control Panel is available only to HostForLIFE's customers. They offer a highly redundant, carrier-class architecture, designed around the needs of shared hosting customers.

One of ASP.NET feature that we can use to speed up our application is using IIS Auto-Start Feature. Auto-Start, introduced with IIS 7.5, allows an ASP.NET application deployed to IIS to be available immediately after deployment.  In the simplest sense, enabling this feature causes IIS to prime an application as soon as it is deployed removing the warm-up time often required of “cold hits” to a website.  In this article we’ll see how we can enable this feature either through IIS Manager or configuration files and even how we can perform more advanced application warm-up routines, such as priming a cache.

Configuring Auto-Start with IIS Manager

Enabling Auto-Start via IIS is actually quite simple, though the settings can be tricky to find the first time.

• Open Internet Information Services (IIS) Manager.
• In the Connections pane, select the Application Pools node, revealing the Application Pools pane in the main view.
• Select the application pool for which you wish to enable Auto-Start.

• Click Advanced Settings…
• Locate the Start Mode option under the General group and set it to AlwaysRunning.

Configuration Auto-Start with applicationHost.config

Enabling Auto-Start using the IIS Manager UI is quick and simple, but tweaking the settings for all of your application pools via the user interface may not be scalable.  For example, imagine that you were rolling out your website to a large web server farm and need to automate the configuration of all your application pools.

In this case, we can also enable Auto-Start by tweaking the applicationHost.config file which controls the application domains for all instances running on that server. applicationHost.config can be found at <Windows>\System32\inetsrv\config\applicationHost.config.

Inside of the applicationHost.config file, locate the <applicationPools> node located under<configuration>/<system.applicationHost>. Inside of the <applicationPools> node, locate the entry whose name attribute corresponds to your application pool, and add a startMode attribute with the value of “AlwaysRunning”.

<applicationPools>
        <add name="MvcMusicStore" startMode="AlwaysRunning" />
    ...
</applicationPools>

The addition of the startMode attribute will override the default start mode of “OnDemand“.

Advanced Application Warm Up with Auto-Start

We’ve seen how to work around the “cold-hit” problem that often affects websites running on IIS.  However, imagine that early requests to your site can still cause delays, perhaps due to expensive data that has to be retrieved.  In these cases you can certainly cache the data after it’s retrieved to make subsequent requests faster, but the unlucky visitor who first makes the request still has to bear the brunt of the work for others.

While in the past it wasn’t unheard of for developers to prime their caches with these expensive data requests in the Application_Start() function of Global.asax.cs, IIS now provides a cleaner way through the use of Auto-Start Providers.

For example, let’s imagine that the home page of your application contains a rather expensive call.  In the fact, the call is so expensive that we’ve elected to cache the results improve the performance of subsequent requests.  However, this still lays the bulk of the work at the feet of the site’s first visitor.

        public ActionResult Index()
        {
           var albums = HttpRuntime.Cache["TopSellingAlbums"];
           if (albums == null)
           {
                var service = new TopSellingAlbumsService();
                albums = service.GetTopFiveSellingAlbums();
                HttpRuntime.Cache["TopSellingAlbums"] = albums;
            }
            return View(albums);
         }

While this technique does improve the performance for subsequent visitors, it still lays the bulk of the work at the feet of the site’s first.  However, IIS now provides a better place to perform these types of warm-up tasks.

Preload clients, which implement the IProcessHostPreloadClient interface, contain a single method Preload(…) which can be used to cleanly perform these warm-up tasks.

    public class MvcMusicStoreApplicationPreloadClient : IProcessHostPreloadClient
    {
        public void Preload(string[] parameters)
        {
            var service = new TopSellingAlbumsService();
            HttpRuntime.Cache["TopSellingAlbums"] = service.GetTopFiveSellingAlbums();
        }
   }

However, this class will not be loaded automatically.  We need to tell IIS both about the existence of this class as well as which website it applies to.  To do this, we’ll need to return to our applicationHost.config file.

First, we’ll need to add an element called <serviceAutoStartProviders> to the<configuration>/<system.applicationHost> node.

        <serviceAutoStartProviders>
            <add name="MvcMusicStoreAutoStartProvider" type="MvcMusicStore.MvcMusicStoreApplicationPreloadClient, MvcMusicStore" />
        </serviceAutoStartProviders>

This element registers our custom preload client with the name MvcMusicStoreAutoStartProvider.  Be sure to fully qualify the type name in the type attribute so the assembly loader can locate it.

Finally, we’ll locate the entry for our site under the sites node and register our preload client in our site’s application node.

            <site name="MvcMusicStore" id="1" serverAutoStart="true">
                <application path="/" applicationPool="MvcMusicStore" serviceAutoStartEnabled="true" serviceAutoStartProvider="MvcMusicStoreAutoStartProvider">
                </application>
       . . .
            </site>

This is done by adding the serviceAutoStartEnabled attribute, set to true, and by adding theserviceAutoStartProvider attribute, set to the name of the serviceAutoStartProvider entry we added in the previous step.

Wrapping Up

With just a few easy steps we’ve ensured that our application is always ready to go when a user a visits.  In addition, we’ve also discovered an easy way to offload time intensive operations, such as priming a cold cache, from the first user to the initial startup of the application.  With these two tips in hand we’re sure to have a fast and responsive application that our users will rave about.

You have just finished installing IIS on your Windows OS. You’re probably thinking that you can delve into the web development world and forget all about the underlying web server. After all, IIS is a Microsoft product so it should install with the right default configuration settings, right? That is far from true with IIS.

In this article, I will provide 8 tips that you can use to secure your IIS installation.

Move the Inetpub folder to a different drive

The Inetpub folder is the default location for your web content, IIS logs and so on. By default IIS 7 and upwards install the Inetpub folder in the system drive. It’s good practice to move the Inetpub folder to a different partition so that the web content is separate from the operating system. This folder can be moved after IIS installation is completed.

Install the appropriate IIS modules

IIS includes more than 30 modules  – you should only install the ones which are needed by your web applications. Disable any modules that are not required, to minimize the capacity of potential attacks. Periodically review the modules that are installed and enabled and remove any that are no longer required. You can use IIS Manager to list all the modules that are enabled.

• Open IIS Manager
• Select the name of the machine to view the modules for the whole machine, or change to the specific web site to view the modules enabled for the selected site
• Double click on ‘Modules’
• To disable a module, click on the module from the list and select ‘Remove’ from the Actions pane
• Confirm the removal by pressing Yes

Disable the OPTIONS method

The OPTIONS method provides a list of methods that are supported by the web server. Although this might seem beneficial, it also provides useful information to an attacker. This will provide information to an attacker at the reconnaissance stage of this attack. Therefore it’s recommended to disable the OPTIONS method completely. This can be done by denying the OPTIONS verb from the HTTP Verb request filtering rules in IIS.

• Open IIS Manager
• Select the name of the machine to configure this globally (or change to the specific web site for which you need to configure this)
• Double click on ‘Request Filtering’
• Change to the HTTP Verbs tab
• From the Actions pane, select ‘Deny Verb’
• Insert ‘OPTIONS’ in the Verb, and press OK to save changes

Enable Dynamic IP Restrictions

The Dynamic IP Restrictions module helps blocks access to IP addresses that exceed a specified number of requests and thus helps prevent Denial of Service (DoS) attacks. This module will inspect the IP address of each request sent to the web server and will filter these requests in order to temporarily deny IP addresses that follow a particular attack pattern. The Dynamic IP Restrictions module can be configured to block IP addresses after a number of concurrent requests or by blocking IP addresses that perform a number of requests over a period of time. Depending on your IIS version you will need to enable either the ‘IP Security’ feature or the “IP and Domain Restrictions”  as explained in this Microsoft article.

This will include the ‘IP Address and Domain Restrictions module in the IIS Manager, from where dynamic IP restrictions can be set.

• Open IIS Manager
• Select the name of the machine to configure this globally (or change to the specific web site for which you need to configure this)
• Double click on ‘IP Address and Domain Restrictions’
• From the Actions pane, select ‘Edit Dynamic Restriction Settings’
• Modify and set the dynamic IP restriction settings as needed and press OK to save changes

Enable and Configure Request Filtering Rules

It is also a good idea to restrict the types of HTTP requests that are processed by IIS. Setting up exclusions and rules can prevent potentially harmful requests from passing through to the server, since IIS can block these requests on the basis of the request filtering rules defined. For example, a rule can be set to filter traffic for SQL Injection attempts. Whilst SQL Injection vulnerabilities should be fixed at source, filtering for SQL Injection attacks is a useful mitigation. This can be set from the Rules tab found in the Request Filtering page in IIS Manager.

• Open IIS Manager
• Select the name of the machine to configure this globally (or change to the specific web site for which you need to configure this)
• Double click on ‘Request Filtering’
• Change to the Rules tab
• From the Actions pane, select ‘Add Filtering Rule’Set the required rules, and press OK to save changes

The rule set in the below screenshot would instruct IIS to check for the provided strings in requests for .asp and .aspx pages. IIS will then block the request if any of these strings are found.

You can also filter requests that contain things like high-bit characters or double escape characters. This and other similar filtering options are explained at http://technet.microsoft.com/en-us/library/hh831621.aspx

Enable logging

Configuring IIS logging will cause IIS to log various information from HTTP requests received by the server. This will come in handy and can give a better understanding of issues that might have occurred on your website when things go wrong. It’s the place where you will start the troubleshooting process in such situations.

The server’s logs can also be continuously or periodically monitored in order to review the server’s performance and provide optimizations if needed. This can be automated using various server monitoring tools. Make sure to keep a backup of the logs. Microsoft also provide Log Parser, which is a tool that can be used to query and retrieve specific data from IIS logs. Additionally, log consolidation tools prove useful for consolidating and archiving data from logs in a more meaningful way.

IIS logging can be enabled and configured from IIS Manager > select the machine name or the specific site you want to configure > Logging. Since these log files might grow quite large, it would be a good idea to start a new file periodically.

Use the Security Configuration Wizard (SCW) and the Security Compliance Manager (SCM)

Both of these Microsoft tools can be used to test your IIS security. The Security Configuration Wizard (SCW) runs different checks and provides advice and recommendations on how to boost your server’s security. The Security Compliance Manager (SCM) tool performs security tests on your server and compares server configurations to predefined templates as per industry best practices and security guide recommendations.

Updates

Finally, ensure that you keep up to date with the latest updates and security patches. It is interesting how often this basic security requirement is missed. The majority of hacks affecting the web server occur on unpatched servers. This just demonstrates how important it is to always keep your IIS web server up to date.

In this post, I will tell you how to access a folder with no document in IIS. It's easy, just follow these steps:

Step 1

Create a folder called Original--IIS-Files

Step 2

Move all the files into folder Original-IIS-Files

Step 3

Navigate to your web server. By default, the Web Server will render the following message when the folder has no default documents.

And you're done! Simple, right?

HostForLIFE.eu IIS 8.0 Hosting
HostForLIFE.eu is European Windows Hosting Provider which focuses on Windows Platform only. We deliver on-demand hosting solutions including Shared hosting, Reseller Hosting, Cloud Hosting, Dedicated Servers, and IT as a Service for companies of all sizes. We have customers from around the globe, spread across every continent. We serve the hosting needs of the business and professional, government and nonprofit, entertainment and personal use market segments.

In this article, I will tell you how to configure DNS record for sub domain.

Step 1

Open your domain control panel then go to DNS manager.

Step 2

Add following A records for domain.com and www.domain.com which point to IIS server IP address:

domain.com  IN A XXX.XXX.XXX.XXX
www.domain.com  IN A XXX.XXX.XXX.XXX
service.domain.com IN A XXX.XXX.XXX.XXX

First two rows will ensure that whenever user browse domain.com or www.domain.com at that time it will be routed to IIS server and rest will be take care by IIS then it will serve public site. The third row in above is important for next step.

Step 3

Now add following wildcard CNAME record:

*.domain.com  IN CNAME service.domain.com

In above wildcard entry ensure that any sub domain request for domain.com will be routed to server which is pointed by service.domain.com.

In IIS setup, you have to edit website binding to include domain.com and www.domain.com as host header, by this way you can tell IIS that any request from domain.com and www.domain.com will be handled by this particular website. So, whenever user browse domain.com or www.domain.com it is serving public website without any problem.

While in case of sub domain it is showing error that “The connection was reset” this is because IIS does not found host header entry for requested domain in any websites. So, you need to add host header entry in service.domain.com website created in IIS setup because service.domain.com is actual website which is going to serve hosted service application when it is browse from sub domain. Use the following code to add host header entry programmatically in IIS:

private string GetWebSiteId(string serverName, string websiteName)

{

    string result = "-1";

 

    DirectoryEntry w3svc = new DirectoryEntry(string.Format("IIS://{0}/w3svc", serverName));

 

    foreach (DirectoryEntry site in w3svc.Children)

    {

        if (site.Properties["ServerComment"] != null)

        {

            if (site.Properties["ServerComment"].Value != null)

            {

                if (string.Compare(site.Properties["ServerComment"].Value.ToString(),

                                        websiteName, true) == 0)

                {

                    result = site.Name;

                    break;

                }

            }

        }

    }

 

    return result;

}

       

private void AddHostHeader(string hostHeader, string websiteID)

{

    DirectoryEntry site = new DirectoryEntry("IIS://localhost/w3svc/" + websiteID);

    PropertyValueCollection serverBindings = site.Properties["ServerBindings"];

 

    serverBindings.Add(hostHeader);

 

    Object[] newList = new Object[serverBindings.Count];

    serverBindings.CopyTo(newList, 0);

 

    site.Properties["ServerBindings"].Value = newList;

    site.CommitChanges();

}  

 

AddHostHeader("127.0.0.1:80:user1.domain.com", GetWebSiteId("localhost", "service.domain.com"));

HostForLIFE.eu IIS 8.0 Hosting
HostForLIFE.eu is European Windows Hosting Provider which focuses on Windows Platform only. We deliver on-demand hosting solutions including Shared hosting, Reseller Hosting, Cloud Hosting, Dedicated Servers, and IT as a Service for companies of all sizes. We have customers from around the globe, spread across every continent. We serve the hosting needs of the business and professional, government and nonprofit, entertainment and personal use market segments.