Posted inWindows Server
IIS 10.0 FTP IP Security allow list
Configure an IP whitelist for IIS FTP Server using PowerShell. Learn to secure your Windows Server FTP service (FTPSvc)
Posted inWeb application security
WordPress .htaccess security best practices in Apache 2.4.6+
Apache Access Control done right in WordPress .htaccess, 'Allow/Deny from all' versus 'Require All Granted/Denied'. Since Apache 2.4.6, a new module is used to configure and set up access control for websites: mod_authz_core. This means you have to use a different syntax for allowing or blocking hosts and IP addresses to your website. But unfortunately, old documentation is never updated and people even still write blog posts using that old syntax, leaving you with an unprotected website. Not what you had in mind, now is it?
Posted inWindows Server
What are 4 important security measures for Windows Server & IIS 10?
When you have just installed your new Windows Server, with or without IIS as web server, it is important to take a few extra security measurements. Securing your server is important to keep hackers out and your data safe. This article provides 4 key steps in strengthening your Windows Server web (IIS) or file server security.
Posted inWindows Server
How to enable HTTP Strict-Transport-Security (HSTS) on IIS
Learn how to enable HTTP Strict-Transport-Security (HSTS) response header in Windows Server IIS 10 web servers.
Posted inWeb application security
“htaccess files should not be used for security restrictions”
An article explaining why .htaccess files should not be used to secure sensitive data. In many cases it is wrong to impose security restrictions using .htaccess files.
Posted inWindows Server
Disable ECDH public server param reuse in Windows Server IIS
ECDH public server param reuse is when a server uses the same DH (Diffie-Hellman) key value for multiple handshakes, instead of generating a new one for every handshake. They should be "ephemeral" though which is why it is called "DHE" or "ECDHE", and this means the key is single-use and should never be reused. Windows Server IIS is known for reusing DH key values, but there is a way to disable ECDH public server param reuse in Windows Server IIS.
Posted inPowerShell
Install IIS in Windows 11 using PowerShell
Do you have a need for IIS in your Windows 11 development station? And now you need to install IIS? Internet Information Services (IIS) for Windows is a secure and manageable webserver for hosting anything on the web. Here I describe how to install IIS.
Posted inPowerShell
Calculate SHA-256 checksums in PowerShell
If you need to verify files are untampered with, you have to create a file checksum -or file hash- that you can use to verify. PowerShell offers this functionality with Get-FileHash cmdlet. Or use certutil.exe.
Posted inWindows Server
Windows SID to username and vice versa
Sometimes you need to convert a Windows SID (security identifier) to an username, or vice versa (an username to an SID). In this post I show you a couple of methods to translate the one into the other. One is using VBScript and one is using PowerShell.
Posted inPowerShell
Install Windows Updates using PowerShell
In this post I show you how to use PowerShell to install Windows Updates. Quickly and silently. This makes the use of PSWindowsUpdate module perfect for your day to day automation. The module even supports scheduling (on remote computers too!), it has the ability to search WSUS and Windows Update for updates, scheduling and performing the download and installation of updates.
Posted inPowerShell
Send email with PowerShell
In this post I provide you with a small PowerShell function you can use to send email over a TLS secured SMTP connection with SMTP authentication. As a framework you can use in your own scripting and extend it. You can even create a PowerShell module of it.
Posted inWordPress
Are you in my blocklist?
Is your IP address in my WordPress .htaccess block list? Here are IP addresses I block manually because of comment spamming.
Posted inWindows Server
Create an additional SQL Server Login
Here is a small T-SQL snippet that creates an additional (extra) SQL Server Login (User) for contained databases in SQL Server. It sets memberships too.
Sysadmins be welcome
Sysadmins of the North is just technical blog, like so many others out there. Here I write about IT stuff that I find interesting, problems I encountered and solved. Topics include computer, server, web, sysadmin, database, virtualization, optimization and security.
For the most part, I write as it comes; posts may seem incoherently written sometimes (my apologies :-) ). Drop me a comment somewhere to say hi, or discuss about any of the topics. I always love the interaction!
Posted inWindows Server
Windows 11/10 and WSL 2 DevOps environment
In this post I showed you how you can turn Windows 11 and Windows 10 with WSL into a fully fledged development environment. Here are the settings and tools I use for DevOps/SysOps on Windows. It may take some getting used to, but if you're as shortcut-Ninja as I'm (I alt-tab, ctrl-c/ctrl-v a lot), you can work pretty fast in this set up.