IIS

Internet Information Services, the HTTP web service on Windows Server

HTTPS for WordPress

Redirect HTTP to HTTPS

In this post I provide you various HTTP to HTTPS redirection methods, for Windows Server IIS and Linux Apache. In web.config and .htaccess. Use these examples to your advantage to secure the traffic between your visitors and your website.

How to set a good PHP realpath_cache_size

Learn how to set a good PHP realpath_cache_size and optimize your PHP performance. . Increasing realpath_cache_size might greatly improve PHP performance, as PHP states: “this value should be increased on systems where PHP opens many files.” Setting a correct value for PHP realpath_cache_size can greatly improve PHP performance and optimize WordPress – and other CMS’s – websites.

Microsoft Internet Information Services logo

Conditionally start Application Pools on remote IIS web servers

Here is how to start stopped application pools on IIS with AppCmd or PowerShell in a loop.

In my routine, I occasionally have to start multiple website application pools when they are in a stopped state. On more than one web server. Being a lazy system administrator, I find it too much work to log on every server. Therefore I start those application pools in a loop. A condition for me to start application pools is that the IIS ApplicationPool.AutoStart Property is set to true. This is because I set autostart to false when I disable hacked websites, and those application pools may not be started until all problems are resolved of course.

Mod_evasive on IIS

Mod_evasive is a module for Apache and Windows Server IIS (using Helicon Ape). It provides protection and evasive action in the event of an HTTP DoS-, DDoS or brute force attack. Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denies an IP address access to a website if it’s requesting the same page more than 10 times a second. This is configurable.

Microsoft Internet Information Services logo

Remove IIS Server version HTTP Response Header

Remove HTTP response headers in Windows Server IIS 10 and ASP.NET because Windows Server IIS loves to tell the world that a website runs on IIS. It does so with the Server header in the HTTP response. Here is how w to remove Server and other HTTP response headers in Windows Server IIS and ASP.NET. Using web.config files. You don’t want to give hackers too much information about your servers, heh? ;-)

How to hide the .php file extension with IIS URL Rewrite Module

Sometimes it’s important to remove -or hide- the file extension of scripts you use. Security by obscurity might be that reason, if you don’t want others to know what script language you are using for your website, or for static site hosts. This example will hide the .php extension using IIS URL Rewrite Module, in a ready to use web.config & .htaccess example: extension less URLs in IIS.