...here is some more technical information about HSTS in IIS, and other security headers… Learn how to enable HTTP Strict-Transport-Security (HSTS) in Windows Server IIS and enhance your website’s security....
...Policy Object Network Security: Extended Protection for Authentication available at: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options. Enable this one. Extended Protection for Authentication GPO Hardened UNC Paths Enabling Hardened UNC...
...clients (set to $false) on # your virtual FTP Site in IIS. #> Set-WebConfigurationProperty -Filter /system.ftpserver/security/ipsecurity -Name allowUnlisted -Value "True" -PSPath 'IIS:' Set-WebConfigurationProperty -Filter /system.ftpserver/security/ipsecurity -Name allowUnlisted -Value "False" -PSPath...
Windows Hello Security: Touch your security key
...misspelled or defined by a module not included in the server configuration I find it hard to believe so called “WordPress Security” companies still write posts explaining the old, non-functional,...
Lego security officer keeping your sites secure
...AM DESKTOP-JS… Security Update KB4570334 NT AUTHORITY\SYSTEM 8/12/2020 12:00:00 AM DESKTOP-JS… Security Update KB4577266 NT AUTHORITY\SYSTEM 9/9/2020 12:00:00 AM DESKTOP-JS… Security Update KB4580325 NT AUTHORITY\SYSTEM 10/14/2020 12:00:00 AM DESKTOP-JS… Security...
...enable HTTP Strict-Transport-Security (HSTS) on IIS, HTTP Strict Transport Security (HSTS) is a web security policy mechanism which is necessary to protect secure HTTPS websites against downgrade attacks, and which...
...security by obscurity (are you?), removing common server response headers is often advised by security experts. Attackers might gain a lot of information about your server and network, just by...
...YubiKey when requested. Switch YubiKey and execute this step again. Done Windows Hello Security: Touch your security key You’re all done. Ssh config file tweaks Some tweaks to the stock...
...Advanced Security. Using PowerShell ofcourse. This post explains how to bulk add IP addresses in Windows Firewall, list an IP address and how to remove all IP addresses from Windows...
...Protip: while you’re at it read my important 4 security measurements for Windows Server & IIS. Also, verify you’ve disabled SSLv3, TLS 1.0, and TLS 1.1. Acunetix provides you with...
...Transfer Protocol whereby an SMTP client may log in using an authentication mechanism chosen among those supported by the SMTP server. What is Transport Layer Security (TLS)? Transport Layer Security...
...the configured maxUrlLength value” 3 Ways of blocking sendmail.php on IIS webserver IIS-NetFxExtensibility45 IIS-HealthAndDiagnostics IIS-HttpLogging IIS-RequestMonitor IIS-HttpTracing IIS-URLAuthorization IIS-IPSecurity IIS 10.0 FTP IP Security allow list (can also be used...
...<httpRedirect enabled="false" destination="https://example.com" httpResponseStatus="Permanent" /> Don’t forget to enable HTTP Strict-Transport-Security (HSTS) on IIS. HSTS improves security and prevents man-in-the-middle attacks, downgrade attacks, and cookie-hijacking. And there are a number...
Sometimes you need to create an additional SQL Server Login (user) for your database (databases). Here is a small T-SQL snippet that creates such a login for contained databases in...
...email address and its password are used to log on. Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the...
...Windows Defender Antivirus - KB2267602 (... 2 DESKTOP-J... Downloaded KB2267602 574MB Security Intelligence Update for Windows Defender Antivirus - KB2267602 (... 3 DESKTOP-J... Installed KB2267602 574MB Security Intelligence Update for...
...in Survive The Deep End: PHP Security: Release 1.0a1 (PDF): […] The options here are somewhat obvious, configuring PHP to use SSL properly is added complexity that programmers are tempted...
...file. All other IP addresses are blocked. The location tag means the rules only apply to the path mentioned. In this case the file xmlrpc.php. <location path="xmlrpc.php"> <system.webServer> <security> <ipSecurity...