Rather new to administering IIS.
we have a windows 2003 server running IIS 6 (no ssl). One of the applications a user built is for droid phones and they require an SSL connection exclusively. the customer bought an ssl cert and wants every user calling the website to be forced to use a SSL connection.
Question: Would I have to create a copy site of Default web site, and apply this SSL and set it so that only port 443 can access this?
or, is there an easier way to go about this?
I was told that applying the SSL cert to the existing defualt website won't work because if you do that, and forced all connections to port 443, the internal users will fail.
Thanks for the help!
If I needed to run multiple sites on IIS I usually just created additional subweb underneath Default Web Site - it was working quite well, and you should be able to set up ssl just for it I believe.
on IIS7 (not sure if that will be possible with IIS6) as well I often create multiple top level sites, and map them to different FQDNs. You can also map those to different ports using the same FQDN, but that obviously is less than ideal.
Related
I'm building a Node app and need to put it online so my team can access it. We are concerned about the content of the app leaking and need some security.
Is a VPN the best way? Could I set one up easily on Digital Ocean or elsewhere? I have only set up a VPN for tunnelling before, and don't have a local computer or server that is always on.
I first thought about putting it on a randomly generated subdomain on my regular domain, or controlling it with .htaccess and password, but I'm not sure if this is doable with Node.
EDIT: what about just setting up with pptp and then editing the hosts file to point my-temporary-domain.com to localhost?
This problem is relevant because you don't have a local area network that your team all has access to. The way I've solved this in the past is to set up your application listening on the 127.0.0.1 on a server that is accessible to the internet. Allow your team to have SSH access, and set it up so they forward localhost and port 80 on their local machine to whatever port your application is listening on. You can do this with openssh and putty.
I have developed an intranet site using nodeJS and it is running successfully on one of the Windows servers in our office and am now ready to deploy.
At the moment the only route to access is ip:port (192.168.1.88:8888 for example)
I would like for the local users on the network to just type 'intranet' into their browsers and be forwarded to this location. I have tried modifying the system32\drivers\etc\hosts file (with 127.0.0.1 intranet), but it 404'd, telling me that index was not found, so maybe it's trying to serve the application statically with a different web server (IIS is installed on the machine, although it's not running?)
Is there any way to achieve this "shortcut" at network level? It must also work for external visitors to the site so I've ruled out any local solutions.
I am aware that this information already exists online, however I find it is above my knowledge level as a humble javascript developer and seems to strafe into network administration territory. I wonder if anybody could provide a lay mans write up.
I have a VPS hosted server with Windows Server 2003 on which I installed WAMP server, it is working and I am able to access it by localhost and modify it's contents with no problems. Also I have a domain name, say "domain-name.com". My question is how can I make it accessible on the internet by typing my owned domain name in browser?
This is quite an open question, but here goes:
You'll have to set a DNS record that points to your server. Your domain registrar may offer a DNS services themselves. If they do not, and only allow you to set nameservers, have a look at http://dns.he.net (a free DNS hosting service). In the latter case, don't forget to configure the nameservers in your domain registrars panel to the HE DNS servers (ns1.he.net - ns5.he.net)!
The records you will have to add are as follows:
An A record for www.domain-name.com, pointing to your IP
A CNAME record for domain-name.com (often represented in a DNS panel as #), pointing to www.domain-name.com
Optionally, MX and SPF/TXT records if you wish to use e-mail services on your domain/server (this is a whole separate subject to deal with, especially SPF records can be tricky)
Additionally, while this is not part of the question - please don't use WAMP for public/production servers. WAMP was made for development server setups, and it will be configured as such. If you really can't set up a HTTPd+PHP+MySQL setup yourself, then at least have a look at XAMPP, which is more suitable for live servers.
I have configured IIS 7.5 ftp service to use SSL. I have two environments (one for testing purposes, without ssl). When we activate SSL users can logon and list and get files maybe one time if there lucky, then the host (service?) becomes unreachable for some reason. I have no idea what happens or why the FTP "locks" it self. When the ftp is in the "locked" state i am still able to telnet the ftp service, but login do not work.
The test environment without SSL works perfectly and never locks itself. I have also tried turning off SSL on the production environment and that makes that environment work perfectly too.
So the problem must be with SSL (certificate is from versisign). Have someone experienced the same problem och now what can be the cause of this?
/ Tommy
See this document
Specifically these sections:
Using Windows Firewall with secure FTP over SSL (FTPS) traffic
More Information about Working with Firewalls
(At the bottom)
IIS does not work when I start applications like Skype since it also uses port 80.
Which port can I use to run IIS other than 80? (8080 does not work)
You can run IIS on any port you like, as long as it does not conflict with other applications. I am using 88, 8888 and other easy to remember ports.
You can find the common used port here: PORT NUMBERS, and it is safer to choose an unassigned TCP port.
Quote:
The Dynamic and/or Private Ports are those from 49152 through 65535
If IIS is working and you have troubles with an ASP.NET applications, those links might be helpful:
How to: Configure ASP.NET Applications for an ASP.NET Version
ASP.NET and IIS Configuration
ASP.NET IIS Registration Tool (Aspnet_regiis.exe)
IIS and ASP.NET: The Application Pool
If you are still having troubles, it would be helpful to provide more information about your environment, the steps taken so far to solve the problem, and retagging the question (append asp.net for example)
Well you can disable skype to use port 80. Click tools --> Options --> Advanced --> Connection and uncheck the appropriate checkbox.
Port 8080 might have been used by another process in your computer.
Do netstat in command prompt to find out which server/process is using it.
Have a look at this page (http://en.wikipedia.org/wiki/Port_number) it gives you full explanation on how to use port number
Also remember, when running on alternate ports, you need to specify the port on the URL:
http://www.example.com:8080
There may be firewalls or proxy servers to consider depending on your environment.
you can configure IIS in IIS Mgr to use EVERY port between 1 and 65535 as long it is not used by any other application
Stopping Skype from using port 80: http://forum.skype.com/lofiversion/index.php/t15582.html
I'm going to make a few assumptions and come at the problem from a different angle... in that because you have skype installed and running on the same machine, that it is not a production machine and instead used for testing / development?
If so, you may wish to look at alternatives to IIS completely to alleviate your issue. If you use IISExpress or the web server built into recent versions of Visual Studio, they will automatically pick a port for you.
Of course this does mean that it's not particularly useful for giving other people access, but is fine for local development for personal use.
I think the other answers probably offer a better alternative in most situations, but this may offer a different insight.
Here is an intro to IIS Express: http://learn.iis.net/page.aspx/860/iis-express/
You have to configure the port first for example 127.0.0.1:91 then you need to allow access to port 91
from windows firewall->>advance setting->>inbound rules->> new rule.
then check port->> assign new port (91). then next to finished.
After this 127.0.0.1:91 should be accessible from the web.