IIS 10.0 FTP IP Security allow list
In this post I’ll show you how to configure an IP whitelist for IIS FTP Server using PowerShell iisadministration and webadministration modules
Search Results for: security
WordPress .htaccess security best practices in Apache 2.4.6+
Apache Access Control done right in WordPress .htaccess, ‘Allow/Deny from all’ versus ‘Require All Granted/Denied’. Since Apache 2.4.6, a new module is used to configure and set up access control for websites: mod_authz_core. This means you have to use a different syntax for allowing or blocking hosts and IP addresses to your website. But unfortunately, old documentation is never updated and people even still write blog posts using that old syntax, leaving you with an unprotected website. Not what you had in mind, now is it?
What are 4 important security measures for Windows Server & IIS 10?
When you have just installed your new Windows Server, with or without IIS as web server, it is important to take a few extra security … Read More
How to enable HTTP Strict-Transport-Security (HSTS) on IIS
Set up and enable HTTP Strict-Transport-Security (HSTS) in Windows Server IIS 10 web servers. And here is some more technical information about HSTS in IIS, and other security headers…
“htaccess files should not be used for security restrictions”
An article explaining why .htaccess files should not be used to secure sensitive data. In many cases it is wrong to impose security restrictions using .htaccess files.
Windows 11/10 and WSL 2 DevOps environment
In this post I showed you how you can turn Windows 11 and Windows 10 with WSL into a fully fledged development environment. Here are the settings and tools I use for DevOps/SysOps on Windows. It may take some getting used to, but if you’re as shortcut-Ninja as I’m (I alt-tab, ctrl-c/ctrl-v a lot), you can work pretty fast in this set up.
YubiKey support in OpenSSH for Windows 11 and Windows 10
In this post, I’ll show you how to properly install Microsoft OpenSSH client in Windows 11 and Windows 10, and how to configure your YubiKey.
How to install IIS Web Management Service (WMSVC) using PowerShell in Windows Server Core
Here is a short post for you on how to install and enable IIS Web Management Service (WMSVC) in Windows Server Core, using PowerShell. This allows you to remotely manager your IIS webservers.
3 Ways of blocking sendmail.php on IIS webserver
Here are 3 ways of blocking access to a PHP sendmail.php script on your Windows Server IIS webserver. This comes in handy if a websites on your webserver sends out spam and you need to block access to a script on a specific website or globally in IIS. You can use a web.config file for this purpose, and here is how.
How to add, list and remove IP addresses in Windows Firewall
Here is how to bulk add IP addresses in the Windows Firewall, list an IP address and remove all IP addresses from Windows Defender Firewall with Advanced Security. In Windows 11, 10 and Windows Server
Block brute force attacks on SQL Server, block IP addresses in Windows Firewall using PowerShell
This PowerShell solution blocks IP addresses that are trying to brute force your SQL Server logins, by blocking IP addresses in Windows Defender Firewall with Advanced Security, using PowerShell. You can use this to create your own solution to block offending IP addresses in SQL Server’s firewall.
Windows Defender: Turn off routine remediation
Here is how to (temporarily) turn off routine remediation in Windows Defender Antivirus (WinDefend). During the transition of antivirus software to Windows Defender Antivirus (WinDefend), I don’t want Windows Defender remediation on threats it might find. Later, when I have more information about potential threats, I can always choose to remediate that threat, e.g. quarantaine or remove it.
Install and setup IIS Manager for Remote Administration in Windows Server IIS
Learn how to install and configure IIS Manager (InetMgr) for Remote Administration of your Windows Server IIS web server, in Windows 10. You can use IIS Manager to administer various components of your website through a graphical user interface (GUI), if it’s hosted in IIS.
Force HSTS in Apache .htaccess
Learn how to enable HSTS (HTTP Strict Transport Security) in Linux Apache .htaccess
Manually install OpenSSH in Windows Server
How to install OpenSSH Server in Windows Server Core using PowerShell. In this tutorial, you’ll learn how to install Microsoft SSH Server in Windows Server 2022