Category Archives: Internet

Adding Strict Transport Security Response Header in IIS

Make sure the web.config file in the root directory of your website is not set to read only on the properties page for that file.

Open Internet Information Services Manger.  Select the website where you want to add this Strict-Transport-Security response header.  Double click and select the Icon for HTTP Response Headers.

In HTTP Response Headers window, click on Add… on the right pane and type in Strict-Transport-Security for Name and max-age=63072000; includeSubDomains; preload for Value and click OK. The max-age value 63072000 is the number of seconds for the duration of two years. You need to enter a value of at least one year.

Source URL for this information:

https://www.itnota.com/setup-http-strict-transport-security-hsts-iis/

Disable xmlrpc.php in WordPress

See: https://www.hostinger.com/tutorials/xmlrpc-wordpress

What Is Xmlrpc.php in WordPress and Why You Should Disable It

Simply navigate to the Plugins › Add New section from within your WordPress dashboard. Search for Disable XML-RPC and install the plugin .

If you’d want to only turn certain elements of XML-RPC off, but still allow certain plugins and features to work, then use the following plugins instead:

  • Stop XML-RPC Attack. This plugin will stop all XML-RPC attacks, but it’ll continue to allow plugins like Jetpack, and other automatic tools and plugins to retain access to the xmlrpc.php file.
  • Control XML-RPC Publishing. This allows you to retain control and use over the remote publishing option afforded by xmlrpc.php.

Managing Mailbox Size and Quota on Exchange Server 2016

See:

https://theitbros.com/mailbox-size-and-quota-exchange-server/

Global Settings:  You can configure mailbox quotas from the Exchange admin center (EAC) web interface. To do this, go to the section Servers > Databases > select the required databaseProperties > Limits.  Set the necessary quotas on the Limits tab.

 

 

Customize Per Mailbox:  Mailbox quota settings can also be changed from EAC (Recipients Mailboxes > Properties > Mailbox usage > More Options > Customize the quota settings for this mailbox).

 

Example:  Change to “unlimited” instead of 2GB default maximum.

Issue a warning at (GB)  9.9

Prohibit Send at (GB)  “unlimited”

Prohibit send and receive at (GB) “unlimited”

Click “Save”

 

Creating Redirect in IIS7 from HTTP to HTTPS after Installing SSL Certificate

IIS Redirect HTTP to HTTPS

Setting up an HTTP/HTTPS redirect in IIS

Once the SSL certificate is installed, your site still remains accessible via a regular insecure HTTP connection. To connect securely, visitors must specify the https:// prefix manually when entering your site’s address in their browsers.

In order to force a secure connection on your website, it is necessary to set up a certain HTTP/HTTPS redirection rule. This way, anyone who enters your site using a link like “yourdomain.com” will be redirected to “https://yourdomain.com” or “https://www.yourdomain.com” (depending on your choice) making the traffic encrypted between the server and the client side.

Below are steps to setup a IIS HTTPS redirect:

    1. Download and install the “URL Rewrite” module.
    2. Open the “IIS Manager” console and select the website you would like to apply the redirection to in the left-side menu:
    3. Double-click on the “URL Rewrite” icon.
    4. Click “Add Rule(s)” in the right-side menu.
    5. Select “Blank Rule” in the “Inbound” section, then press “OK”:
    6. Enter any rule name you wish.
    7. In the “Match URL” section:- Select “Matches the Pattern” in the “Requested URL” drop-down menu 
      – Select “Regular Expressions” in the “Using” drop-down menu 
      – Enter the following pattern in the “Match URL” section: “(.*)” 
      – Check the “Ignore case” box
    8. In the “Conditions” section, select “Match all” under the “Logical Grouping” drop-down menu and press “Add”.
    9. In the prompted window:
      – Enter “{HTTPS}” as a condition input 
      – Select “Matches the Pattern” from the drop-down menu 
      – Enter “^OFF$” as a pattern 
      – Press “OK”
    10. In the “Action” section, select “Redirect” as the action type and specify the following for “Redirect URL”:https://{HTTP_HOST}{REQUEST_URI}
    11. Check the “Append query string” box.
    12. Select the Redirection Type of your choice. The whole “Action” section should look like this:

NOTE: There are 4 redirect types of the redirect rule that can be selected in that menu: 
– Permanent (301) – preferable type in this case, which tells clients that the content of the site is permanently moved to the HTTPS version. Good for SEO, as it brings all the traffic to your HTTPS website making a positive effect on its ranking in search engines. 
– Found (302) – should be used only if you moved the content of certain pages to a new place *temporarily*. This way the SEO traffic goes in favour of the previous content’s location. This option is generally not recommended for a HTTP/HTTPS redirect. 
– See Other (303) – specific redirect type for GET requests. Not recommended for HTTP/HTTPS. 
– Temporary (307) – HTTP/1.1 successor of 302 redirect type. Not recommended for HTTP/HTTPS.

  1. Click on “Apply” on the right side of the “Actions” menu.

The IIS redirect can be checked by accessing your site via http:// specified in the URL. To make sure that your browser displays not the cached version of your site, you can use anonymous mode of the browser.

The rule is created in IIS, but the site is still not redirected to https://

[Skip to #6 and #7 Below “SOLVED.” This is my recommended tip which I doubt that you will find elsewhere on the net.  You will see the logic.]

Normally, the redirection rule gets written into the web.config file located in the document root directory of your website. If the redirection does not work for some reason, make sure that web.config exists and check if it contains the appropriate rule.

To do this, follow these steps:

  1. In the sites list of IIS, right-click on your site. Choose the “Explore” option:
  2. “Explore” will open the document root directory of the site. Check if the web.config file is there.
  3. The web.config file must have the following code block:
    <configuration>
     <system.webServer>
     <rewrite>
     <rules>
     <rule name="HTTPS force" enabled="true" stopProcessing="true">
     <match url="(.*)" />
     <conditions>
     <add input="{HTTPS}" pattern="^OFF$" />
     </conditions>
     <action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" redirectType="Permanent" />
     </rule>
     </rules>
     </rewrite>
     </system.webServer>
    </configuration>
  4. In Windows File Explorer on the IIS Server, open the web.config file using a good editor like Notepad++.  Make sure the elements of this rule are contained between one set of beginning and ending rule elements, that is between <rule> {redirect rule code goes here] </rule>.  There may have been one or more existing rules already configured between the “<rules></rules>” elements.
  5. If the web.config file is missing, you can create a new .txt file, put the aforementioned code there, save and then rename the file to web.config.
  6. [SOLVED]  Go into your IIS Management Console and click to select your website name on the left menu.  Click “Bindings” on the far right action column.  In the bindings page dialog, you should see an existing “https” host header for yourdomain.com that has the SSL certificate bind to it in order to handle SSL.  Make sure you ADD an http: host header for www.yourdomain.com and ADD an http: host header for yourdomain.com (without the www) to handle Non-SSL.  YOU NEED THE NON-SSL headers to capture the web query before it can be redirected to https SSL for the encryption to be handled by your SSL Certificate.
  7. [SOLVED] ALSO, make sure NOT to require SSL from within IIS.  Select your website on the left.  Double click on the SSL icon in the middle pane.  CLEAR THE CHECKBOX THAT WOULD REQUIRE SSL.  APPLY.
  8. Click the text Restart link on the far right pane / column of the IIS management console (mmc snapin) to restart the websits.
  9. Open and CMD.exe prompt from the Start / Run in Windows Server.
  10. Stop and Start the Web Service.  In the command prompt window, type “net start w3svc” and [Enter]. Wait until the service is stopped.  Then, type “net start w3svc” and [Enter]. Wait until the service is started.  Close the command prompt window (X out or exit).
  11. Go test the website from a remote browser by typing in the address bar www.yourdomain.com and it should properly redirect to https//your domain.com.  Accomplished.  

If this article helped you and saved considerable time and effort, please consider donating a little something through paypal to support continued hosting of this site.  Thank you.




The Battle to Save Net Neutrality

The FCC votes to rescind the NET NEUTRALITY regulations on December 14, 2017.  We have only a couple weeks to contact Congress to stop the FCC from messing up our internet.

What CAN I DO RIGHT NOW?

Email Congress – Sample Letter Included

Call Congress from your PC – Sample Telephone Script Included

Attend a Protest at your local Verizon Store on December 7, 2017.

Read More on FCC plans to repeal net neutrality rules. Article by Margaret Harding McGill 11-20-2017 on Politico.com 

Read and download the FCC’s current Declaratory Ruling – WC Docket No. 17-108

Remove the Tab to Open Microsoft Edge in Internet Explorer of Windows 10

Starting with Windows 10 build 15002, a new tab called “Open Microsoft Edge” has been added to the tab bar of Internet Explorer.  This Edge Tab is situated next to the New Tab button on the Tab Bar.

This article will show you how to remove this Open Microsoft Edge Tab.

1. Click/tap on the Tools (Alt+X) button in Internet Explorer, and click/tap on Internet Options. (see screenshot below)

 

2. Click/tap on the Advanced tab in Internet Options, check (remove) or uncheck (default add) the Hide the button (next to the New Tab button) that open Microsoft Edge option under the Browsing section for what you want, and click/tap on OK. (see screenshot below).  Click Apply button, Click OK.

3. Close and reopen Internet Explorer to see that the change has been applied and that the unwanted Tab is gone.

Bye the way, Microsoft wants you to use the Edge browser because all of your searches and your browsing habits are stored to the BING CLOUD.  Microsoft can use your browsing habits to serve you targeted ads in Microsoft Edge.  So far, Microsoft has not chosen to do this when you use Internet Explorer.  I recommend disabling Edge to the maximum extent possible.  Don’t use the Windows 10 apps for “Contacts” or “Mail” or Calendar.  All the content of these Windows 10 Apps is sifted by Microsoft and the content is stored in the Bing Cloud.  Don’t use Cortana.  Same reasoning.  Disable it until it only serves as a file search box.  Finally, go into “Start,” “Settings,” and “Privacy,” and turn OFF as much information leaking functionality as possible, which would otherwise allow apps and Microsoft Windows 10 to store and use your personal information, and the personal information of your contacts, business associates, clients, etc.  Never Log into Windows 10 with your Windows Account ID.  Never authorize the use of your Windows Account ID as the default configuration.  As soon as you enable an APP from the Windows App store, you will be asked to make that default authorization.  You might skip right past it.  That is their intent. 

Allow Remote Desktop for Administration on Windows Server 2008 R2

https://technet.microsoft.com/en-us/library/cc742816(v=ws.11).aspx

Using Remote Desktop

Applies To: Windows Server 2008 R2

To allow remote connections for administrative purposes only, you do not have to install the RD Session Host role service. Instead, you enable Remote Desktop on the computer that you want to remotely administer.

noteNote
Remote Desktop supports only two concurrent remote connections to the computer. You do not need Remote Desktop Services client access licenses (RDS CALs) for these connections.

You can use the following procedure to enable Remote Desktop on a Windows Server 2008 R2 computer.

Membership in the local Administrators group, or equivalent, on the computer that you plan to configure, is the minimum required to complete this procedure.

To enable Remote Desktop

  1. Start the System tool. To start the System tool, click Start, click Run, type control system and then click OK.
  2. Under Tasks, click Remote settings.
  3. In the System Properties dialog box, on the Remote tab, click either of the following, depending on your environment:
    • Allow connections from computers running any version of Remote Desktop (less secure)
    • Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)

    For more information about the two options, click the Help me choose link on the Remote tab.

  4. Click Select Users to add the users and groups that need to connect to the computer by using Remote Desktop. The users and groups that you add are added to the Remote Desktop Users group.
    noteNote
    Members of the local Administrators group can connect even if they are not listed.