IIS Server Security, i'll give it a try

microsoft.public.inetserver.iis.security - About IIS Web Server Security Issues


IIS Server Security >> i'll give it a try

by derik » Thu, 17 Jul 2003 22:06:59 GMT

Alright, I'll look into Certificate Server and try signing
a new certificate that way. I still don't
understand why I'd be able to access the page with SSL
using a browser running on the server and have it show up
on the logs, and not get anything on the test computers. It
seems like even if it was a certificate problem something
would still show up in the server logs, especially if its
just that the certificate isn't signed by a trusted CA. I
would think the server would be contacted, note it in the
log, start the handshake, and then have the client computer
fail to recognize the certificate. I guess it depends on
how the server logs work. Any explanation for a newbie?


>-----Original Message-----
>That's why something is wrong. you should get
>the prompt from all browsers. and maybe something
>wrong with the cert too.
>
>I'm not familair with openssl, but if you have a W2k Server,
>you might want to try this
>HOW TO: Configure SSL in a Windows 2000 IIS 5.0 Test
Environment by Using
>Certificate Server 2.0
>http://support.microsoft.com/?id=290625
>
>Using Certificate Server 2.0 to Generate a Server
Certificate for Use with
>IIS 5.0
>http://support.microsoft.com/?id=228984
>
>
>--
>Regards,
>Bernard Cheah
>http://support.microsoft.com/
>Please respond to newsgroups only ...


Top

IIS Server Security >> i'll give it a try

by Bernard » Fri, 18 Jul 2003 11:54:23 GMT


If the request do come in to IIS, it will be logged.
E.g. when you browse using http, you will get a
403.4 - telling you SSL is required.

If you then browse with https and succesful, you
will get http port of 443 and status of 200.

If you not seeing any log, perhaps the request
wasn't complete. as for why ? yet to find out.


--
Regards,
Bernard Cheah
http://support.microsoft.com/
Please respond to newsgroups only ...








Top
Similar Threads

1. I'll try this again (Parent Paths) in IIS 6

2. OMA gives ASP errors when trying to access 

I am using Exchange on an SBS server.  Exchange and Outlook Web Access
work fine, but I can't get Outlook Mobile Access to work.  If you
attempt to access OMA from a web browser, it gives an error.  The
error reads:

Failed to map the path '/'.

Description:  An unhandled exception occurred during the execution of
the current web request. Please review the stack trace for more
information about the error and where it originated in the code.

Exception Details: System.Web.HttpException: Failed to map the path
'/'.

Source Error:

An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace
below.

Stack Trace:


[HttpException (0x80004005): Failed to map the path '/'.]
 
System.Web.Hosting.ISAPIWorkerRequestInProcForIIS6.MapPathSlowUsingIISCore(String
path) +240
   System.Web.Hosting.ISAPIWorkerRequest.MapPath(String path) +420
 
System.Web.Configuration.HttpConfigurationSystem.ComposeConfig(String
reqPath, IHttpMapPath configmap) +519
   System.Web.HttpContext.GetCompleteConfigRecord(String reqpath,
IHttpMapPath configmap) +437
   System.Web.HttpContext.GetCompleteConfig() +50
   System.Web.HttpContext.GetConfig(String name) +197
   System.Web.CustomErrors.GetSettings(HttpContext context, Boolean
canThrow) +20
   System.Web.HttpResponse.ReportRuntimeError(Exception e, Boolean
canThrow) +40
   System.Web.HttpRuntime.FinishRequest(HttpWorkerRequest wr,
HttpContext context, Exception e) +480

Version Information: Microsoft .NET Framework Version:1.1.4322.2300;
ASP.NET Version:1.1.4322.2300



So far, I have reinstalled the Exchange IIS virtual directories and
metabase and searched everywhere I could for an answer.  I am open to
options.  Please help.

Jon

3. [PHP] given up of iis now trying apache - PHP

4. given up of iis now trying apache 

Everything seems to be working but when I try and run a php file. It offer 
the download dialogue box.

I remeber doing something where you tick a box to enable scripts and execute 
them or something in the manager. Can anyone help?


Ross

5. Gave PhoneFactor a try - IIS Server Security

6. Thanks All, I'll work on that now, and post back 

"Jm" < XXXX@XXXXX.COM > wrote in message
news: XXXX@XXXXX.COM ...
> Just wondering. I'm trying to put a java applet on my website, but I can't
> seem to get it to work. I am wondering if there is anything in IIS 5 and
my
> site properties that is inhibiting it to work?
> www.jmconsultingllc.com/fireworks
>
> thanks for you help,
> Jm
>
>

7. Monitor CPU load for a given Web site on a given application pool

8. directory as application in IIS gives Could not load type 

Hello,

Where to start? Well, I was creating a little back office for a website. That website is in fact a virtual directory in an existing website. So, I have this:

-- WEBSITE1
|---- [Some Files & Directories]
|---- WEBSITE2 (Virtual Directory -- dirname: "koea")
|------ [Some Files & Directories]
|------ BackOffice

When the development of the back office was about finished, I wanted to add FormsAuthentication via web.config. Therefore I needed to set the "BackOffice" directory as an application in IIS.

From that moment I get this error when trying to reach the back office:

---------------------------------------------------------------
Server Error in '/koea/BackOffice' Application.

Description: An error occurred during the parsing of a resource required to service this request. Please review the following specific parse error details and modify your source file appropriately. 

Parser Error Message: Could not load type 'LS.Ebrug.Web.BackOffice.Login'.
---------------------------------------------------------------

The error goes away when I make "backoffice" a regular directory again, but then I can't use FormsAuthentication anymore.

I have tried to rebuild the entire solution, but that didn't work out. Does someone has an idea how to solve this issue? Any help would be appreciated!

Thanks in advance,
Thomas