In this post I provide you various HTTP to HTTPS redirection methods, for Windows Server IIS and Linux Apache. In web.config and .htaccess. Use these examples to your advantage to secure the traffic between your visitors and your website.
WordPress xmlprc.php DDoS and brute-force attacks. How to identify, block, mitigate and leverage these xmlrpc.php scans, brute-force, and user enumeration attacks on WordPress sites… Secure WordPress xmlprc.php interface and reduce service disruption.
Remove HTTP response headers in Windows Server IIS 10 and ASP.NET because Windows Server IIS loves to tell the world that a website runs on IIS. It does so with the Server header in the HTTP response. Here is how w to remove Server and other HTTP response headers in Windows Server IIS and ASP.NET. Using web.config files. You don’t want to give hackers too much information about your servers, heh? ;-)
Learn how to use URL Rewrite Outbound Rules in IIS, to offload content from a different server or host name. This way IIS with URL Rewrite acts as a reverse proxy. Add gzip compression to the mix, and this will improve website performance. In this post, I’ll also show you how to fix the URL Rewrite Module error “Outbound rewrite rules cannot be applied when the content of the HTTP response is encoded (“gzip”).” in IIS.
Learn to block WordPress comment spammers manually. The less spammers hit your WordPress blog, the better your blog performs, is one of my opinions. A second is, the less unnecessary plugins you use on your WordPress blog, the better. So, a little while ago I decided to remove plugins like Stop Spammer Registration Plugin and do its work myself. Here is why & how.
WordPress 3.5 on IIS 8.0 is unable to save a web.config file because of a hard IIS version check in wp-includes/vars.php. Quick fix available here.
This post describes some of the IIS URL Rewrite Module web.config equivalents of commonly used Apache .htaccess settings. This is useful when you convert your Apache .htaccess to IIS web.config. The second part of this post outlines how to use Internet Information Services Manager to import and convert .htaccess rules to web.config.
The Windows Server IIS maximum URL length is defined by the HttpRuntimeSection.MaxUrlLength property. Its value is 260 characters. This may cause problems with longer than configured maxUrlLength URL’s, and here is how to resolve this issue…
I needed a HTTP blocklist. Block and filter unwanted web HTTP traffic with blocklists, on both IIS and Apache webservers. Protect your website easily with this PHP blocklist class. Let’s create our own little HTTP filter.