Simple PowerShell introduction for Windows Server administration, automation and scripting

Windows PowerShell (“PS” for short) is an important tool in Windows Server for administrators. You can use PowerShell for Windows Server administration, software installation, automation, and shell/command-line scripting. Here is a small and simple introduction to Windows PowerShell.

Continue reading

Windows Update error 0xc1420127 and 0xc190010b when upgrading Windows 8.1 to Windows 10

Last weekend I had to update my girlfriends laptop from Windows 8.1 to Windows 10. Some might say, an easy task. Well, it wasn’t. After downloading the Windows 10 update through Windows Update, Windows Update returned errors 0xc1420127 and 0xc190010b, even using the Windows 10 media creation tool. And as always there are many reasons for these errors. In this short post, I’ll provide some possible solutions and tips.

Continue reading

Installing SQL Server Express and Restoring a Database With Powershell

Here’s a PowerShell script, by Microsoft’s Dave Browne, to install SQL Server Express Edition and restore a database from a command line. It’s intended to be used as part of an installation script for an application that needs a local SQL Express instance. But it also demonstrates several SQL Server and Powershell interop features like handling InfoMessages from the server, dealing with resultsets, embedding TSQL commands with Powershell Here Strings.

Continue reading

Threads in C#

Just stumbled upon the Threads in C# blogpost on CsharpStar. The post gives a nice introduction into what threads in the .NET Framework are, and how to use .NET Thread Class (System.Threading.Thread namespace) for multi-threading, foreground- and background threads and so on.

Read the post here: Threads in C#.

.NET Framework 4.6 allows side loading of Windows API Set DLL

Securify reports: A DLL side loading vulnerability was found in the .NET Framework version 4.6 when running on Windows Vista or Windows 7. This issue can be exploited by luring a victim into opening an Office document from the attacker’s share. An attacker can use this issue to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system. If the WebDAV Mini-Redirector is enabled, it is possible to exploit this issue over the internet. This issue can be exploited even if the Office document is opened in Protected View.

Continue reading

How to install Microsoft’s SQL Server Driver for PHP

In this article I’ll show you how to install the Microsoft SQL Server Driver for PHP 7+. This makes the use of an SQL Server database back-end for your PHP website easy. If you want to communicatie with SQL Server using PHP you need to rely on some additional software and PHP extensions. This post walks you through the steps necessary to install the SQL Server driver and SQLSRV extension for PHP 7+, on Windows Server IIS of course.

Optimize WordPress MySQL tables through Cron, behind the scenes

To regularly optimize my WordPress database tables, I created a small plugin that utilizes the WordPress Cron feature. This comes in handy to perform database optimization for WordPress on a regular basis, without forgetting about it. Just activate and enjoy. And here is the plugin code …

HackRepair.com’s Bad Bots .htaccess in web.config for IIS

Jim Walker from HackRepair.com posted a 2016 version of his Bad Bots .htaccess on Pastebin. I offered Jim to translate his Bad Bots .htaccess to web.config, to be used with Windows Server IIS. And here it is, learn to protect your WordPress website with this web.config file!

IIS URL Rewrite “Rewrite Module error: Expression contains a repeat expression”

How to fix the URL Rewrite Module error “Rewrite error: Expression contains a repeat expression” on Windows Server IIS.

Cracking PHP rand()

Sjoerd Langkemper writes about Cracking PHP rand(): Webapps occasionaly need to create tokens that are hard to guess. For example for session tokens or CSRF tokens, or in forgot password functionality where you get a token mailed to reset your password. These tokens should be cryptographically secure, but are often made by calling rand() multiple times and transforming the output to a string. This post will explore how hard it is to predict a token made with rand().

Continue reading

Recursive scp and symlinks

Recursive scp without following symbolic links. TL;DR: when using recursive scp, symbolic links aren’t preserved and are copied as if they are normal directories. So you have to look for another solution to recursively transfer symlinks over ssh. Here is one: Tar over ssh!

Deny vulnerable WordPress plugins using Windows Server File Server Resource Manager’s File Screens

Using Windows Server File Server Resource Manager‘s File Screens you can block vulnerable WordPress plugins from being saved on your IIS web server. In the following example, you’ll learn how to block WP DB Backup plugin system-wide on Windows Server, read on…

Security Advisory: Stored XSS in Magento

Sucuri reports an stored cross site scripting (XSS) vulnerability in Magento CE <1.9.2.3 and Magento EE <1.14.2.3. This vulnerability affects almost every install of these versions, time to upgrade your Magento webshop!

Continue reading

WhatsApp prepares to share user info with Facebook – Time to switch

Android Authority reports: It was likely only a matter of time before Facebook and WhatsApp became more intertwined after the social media giant purchased the messaging service back in 2014. Now the first clues that closer integration is looming have appeared, as users have managed to find some new options tucked away in the latest beta build.

Continue reading

Install Varnish Cache on CentOS 6.7

In this article I’ll show you how to install Varnish Cache on CentOS, version 6.7 in this case. Varnish is a web application accelerator also known as a caching HTTP reverse proxy. You install it in front of any server that speaks HTTP and configure it to cache the contents. Because Varnish Cache is really, really fast, web applications like WordPress, Drupal and Joomla can greatly benefit from Varnish Cache.