Basic Authentication module for Windows Server IIS 10
HTTP Basic Authentication managed module for IIS enables HTTP Basic Authentication with virtual user support in Windows Server IIS.
Tag web.config
Read MoreBasic Authentication module for Windows Server IIS 10
Protect WordPress from brute-force XML-RPC attacks
How to protect your WordPress from brute-force XML-RPC attacks, because the WordPress XML-RPC API has been under attack for many years now.
HackRepair.com’s Bad Bots .htaccess in web.config for IIS
Learn to protect your WordPress website with this web.config file on Windows Server IIS. Block IP addresses, bad bots, query string sequences
IIS URL Rewrite Module “Rewrite Module error: Expression contains a repeat expression”
Fix for IIS URL Rewrite Module error "Rewrite Module error: Expression contains a repeat expression"
How to block BaiduSpider bot User-Agent?
The Baidu spider (BaiduSpider user agent) can be a real pain to block, especially since it does not respect a robots.txt as it should. This post shows you how to block Baidu Spider bot, using IIS URL Rewrite Module based on its User-Agent string.
How to enable HTTP Strict-Transport-Security (HSTS) on IIS
Set up HTTP Strict-Transport-Security (HSTS) response header in Windows Server IIS 10, here is some more technical information about HSTS in IIS, and other security headers...
Huge increase in WordPress xmlrpc.php POST requests
How to identify, block, mitigate and leverage xmlrpc.php scans, brute-force, and user enumeration attacks on WordPress sites... Secure WordPress xmlprc.php interface and reduce service disruption.
Remove IIS Server version HTTP Response Header
Windows Server IIS loves to tell the world that a website runs on IIS. It does so with the "Server:" header in the HTTP response, as shown below. In this post I'll show you how to remove HTTP response headers in Windows Server IIS. You don't want to give hackers too much information about your servers, right?.
Convert .htaccess to web.config
This post describes some of the IIS URL Rewrite Module web.config equivalents of commonly used Apache .htaccess settings. You'll learn how to translate .htaccess content to IIS web.config, this is useful when you need to migrate your website from Apache to Windows Server IIS.
“The length of the URL for this request exceeds the configured maxUrlLength value”
![[HttpException (0x80004005): The length of the URL for this request exceeds the configured maxUrlLength value.]](https://www.saotn.org/wp-content/uploads/2025/06/Length_of_URL_for_request_exceeds_maxUrlLength_value-11-768x422.png)
The length of the URL for this request exceeds the configured maxUrlLength value is an IIS error telling you the length of the given URL exceeds a limit. The Windows Server IIS maximum URL length is defined by the HttpRuntimeSection.MaxUrlLength property. Its value is 260 characters. This may cause problems with longer URLs, and here is how to resolve this maxUrlLength issue.