You are here: Saotn.org

How to add, list and remove IP addresses in Windows Firewall

Yesterday, I showed you how to block IP addresses in Windows Firewall using PowerShell. This comes in particularly handy when blocking brute-force IP addresses. In this short post I’ll show you how to bulk add IP addresses in Windows Firewall, list an IP address and how to remove all IP addresses from Windows Defender Firewall with Advanced Security.

Block brute force attacks on SQL Server, block IP addresses in Windows Firewall using PowerShell

This PowerShell solution blocks IP addresses that are trying to brute force your SQL Server logins, by blocking IP addresses in Windows Defender Firewall with Advanced Security. For the time being, some manual labor is involved, but it is still manageable. You can use this to create your own solution to block offending IP addresses in SQL Server’s firewall.

Windows Defender: Turn off routine remediation

Long story short: During the transition of antivirus software to Windows Defender Antivirus (WinDefend), I don’t want Windows Defender remediation on threats it might find. Later, when I have more information about potential threats, I can always choose to remediate that threat, e.g. quarantaine or remove it. Unfortunately, there is no PowerShell cmdlet to configure this. Here is how to (temporarily) turn off routine remediation.

Increase WMI memory to support large volume of queries

How to optimize WMI performance and memory usage in Windows Server

Since I started expanding my Zabbix scripts and templates for monitoring Windows Server instances – AD, IIS and SQL Server – I found WMI was failing more and more. WMI stopped working: WmiPrvse.exe would just crash after hitting some memory limit of 512 MB. If you run into the same issue with Windows Management Instrumentation, here is how you can increase WMI Provider Service’s memory quota. Doing so resolved my issues.

IIS Manager for Remote Administration in Windows 10

Install and setup IIS Manager for Remote Administration in Windows Server IIS

Learn how to install and configure IIS Manager for Remote Administration of your Windows Server IIS web server, in Windows 10. You can use IIS Manager to administer various components of your website through a graphical user interface (GUI), if it’s hosted in IIS.

Getting more out your Windows Performance Counters monitoring for web applications – part 3

IIS AppPool Insights in Zabbix – because there is always more than one way

This is part 3 about Zabbix monitoring for your websites and ASP.NET applications in IIS. This time I’ll show you how to get data from Win32_PerfRawData_PerfProc_Process counter, fast, for everey application pool This counter is notorious for its slowness, but you can get data a bit faster.

ASP.NET web application monitoring in Zabbix, part 2

When you host multiple websites in IIS, and you need to monitor them, Zabbix is one of your options. In Zabbix, you can take advantage of Windows Servers performance counters using perf_counter and perf_counter_en. In this article, I’ll show you some important Windows performance counters to monitor your ASP.NET web application in Zabbix

Monitor IIS application pools in Zabbix, part 1

Microsoft Windows Server IIS monitoring with Zabbix

Zabbix can harnas the powers of WMI (Windows Management Instrumentation) to query the Windows system for data. In Zabbix you use wmi.getall for this. Here is a small introduction to query the number of running w3wp.exe processes per application pool in Zabbix. In this example I’ll be using a Plesk server running IIS 10.0.

Disable Joomla Contacts component (com_contact) in MySQL / phpMyAdmin

How-to disable Joomla’s built-in contact forms component and its ability to send a copy to the sender, directly in your MySQL database using phpMyAdmin

Often the built-in Joomla contact forms component (com_contact) is abused by spammers. These contact forms allow the sender to receive a copy of the form contents. All spammers need to do is enter the email address of the target as sender/from. This way, anyone can use the Joomla contact form for spamming anyone. This short article explains how to disable and combat this.

Disable WordPress XCloner Plugin logger in MySQL / phpMyAdmin

If XCloner Logger option is enabled, it will store a log file inside the xcloner-XXXXX folder inside the backup archive. The file is named xcloner-xxxxx.log. This can generate a huge amount of temporary files and log files on your file system. This short article provides you one SQL statement to disable XCloner log directly in your WordPress MySQL database, using phpMyAdmin.