Our servers look for the following home page names in the following order:

default.asp
default.aspx
default.htm
default.html
index.asp
index.aspx
index.htm
index.html
home.asp
home.aspx
home.htm
home.html

If you are on a ColdFusion plan, the servers use the following list of home page names:

default.asp
default.cfm
default.htm
default.html
index.asp
index.cfm
index.htm
index.html
home.asp
home.cfm
home.htm
home.html

This example displays one message to users of Internet Explorer 4.01 and higher,
and a different message to all others: < >

<% Set bc = Server.CreateObject("cyScape.browserObj")
if bc.Browser <> "IE" AND bc.Version >= 4.01 then
response.write "I like your browser"
else
response.write "Please update your browser"
end if %>

This example redirects the user to an alternative page if their browser is not IE or Netscape version 4 or above.

<%
set bh = server.createobject("cyScape.browserObj")
v = bh.version
b = bh.browser
if (v>=4) and (b="IE" or b="Netscape") then
else
response.redirect("UpdateBrowser.asp")
end if
set bh = nothing
%>

Browsehawk, browser, explorer, update browser

We have a partnership with GeoTrust that allows us to offer our clients with a discounted rate on 128-bit SSL certificates.

Here is a link to the certificate that we offer our clients:
http://www.geotrust.com/ssl/ssl-certificates-premium/

We offer this certificate for $149 plus a $25 installation fee. If you are interested, please send the following information to support@enterhost.com.

Here is the information we need to order the certificate:

Canonical Name:
Organization:
Organizational Unit:
Location City:
State:
Country:

Here is a sample of the information from our certificate:
CN = www.enterhost.com
O = Enterhost
OU = System Administration
L = Fort Worth
S = Texas
C = US

Once you have emailed this information to support@enterhost.com, we will be able to order the certificate.

SSL stands for secure sockets layer. It is used mostly in communication between web browsers and web servers to enable encrypted, authenticated communications across the Internet. SSL provides three important things: Privacy, Authentication, and Message Integrity.

SSL, GeoTrust, certificate, secure certificates, security, e-commerce, shopping cart, QuickSSL Premium, QuickSSL

Enterhost offers QuickSSL Premium web certificates from GeoTrust, the world's second largest digital certificate provider. Geotrust provides technology to enable organizations of all sizes to secure e-business transactions in a cost-effective manner. With the QuickSSL, your website can be protected in as little as ten minutes. The QuickSSL Premium provides a 128-bit SSL encryption to prevent anyone from gaining access to or altering confidential information. Also included with the certificate is the GeoTrust Smart Seal' to guarantee online visitors that they will receive the highest level of encryption possible

Geotrust, QuickSSL, QuickSSL Premium, certificate, certificate provider, e-business, e-commerce, secure, security, 128-bit, encryption, confidential information, smart seal

You can use the following ASP script in the pages you would like to redirect. This script will also work with HTML pages. You will need to email the Support Team to have your HTML pages process as ASP pages.

<CODE><%@ Language=VBScript %>
<%
Response.Status="301 Moved Permanently"
Response.AddHeader "Location", "http://www.yourdomainname.com/new-page.asp"
%> </CODE>

For ASP.NET pages, you can use the following script.

<CODE><script runat="server">
private void Page_Load(object sender, System.EventArgs e)
{
Response.Status = "301 Moved Permanently";
Response.AddHeader("Location","http://www.yourdomainname.com/new-page.asp");
}
</script></CODE>

You can find more information at the following URL.

http://www.seoconsultants.com/tips/asp/301.asp

We have configured SmarterMail and SmarterStats to run through IIS. This will allow you to have more control over the configuration options of the web service. To view the tools through the web, you will need to add host headers for SmarterMail IIS website.

>Open IIS
>Find the SmarterMail or SmarterTools website
>Right-click on the website and click properties
>Click 'Advanced' at the top
>Add a host header with the following values

IP address: The current IP address of the mailserver for Smartermail
Port: 80
Host Header Value: mail.daisysflowershop.com for mail domains
stats.daisysflowershop.com for stats
helm.daisyflowershop.com for helm control panel

Once this host header is added, you will be able to view the link http://mail.daisysflowershop.com or http://stats.daisysflowershop.com

Smartermail, Smarterstats, web access, webmail, statistics

You instruct IIS to deny connections to specific IP addresses.

>Open IIS on the desktop

>Expand the websites you want to restrict access to.

>Right click the website and select "Properties" from the drop down menu.

>Click on the "Directory Security" tab at the top.

>In the section titled "IP Address and domain name restrictions", click the the "Edit" button.

>Select the "Denied access" radio button and click the the "Add" button from the "Deny Access" window.

>Select the option next to Single Computer

>Enter the IP address you want to block

>Click Ok, and ok to close the menus

block IP address, block connections, block access

To manage multiple sites on one IP address, you will have to use host headers to allow different IIS sites to listen for different requests.

>Open Internet Information Services (IIS) on the desktop
>Browse to the website you have setup and right-click and select Properties
>Click advanced at the top.

Here, add a host header that is appropriate to your situation. For example, below is the recommended setup for the domain daisysflowershop.com. As you see below, you will need two host headers, one for the www and one for the root domain.

IP address: 10.15.1.10
Port: 80
Host Header Value: daisysflowershop.com

IP address: 10.15.1.10
Port: 80
Host Header Value: www.daisysflowershop.com

The following website will explain the Host Headers in further detail if you have any questions.

http://support.microsoft.com/?id=324287

multipe sites, multiple domains, multiple web sites, single IP

You can use any of the availble IP address on your server for testing. You simply need to add the required Host Header to your website to test it.

>Open Internet Information Services Manager (IIS) on your desktop
Expand the server and websites
Right-click on the website you are working with and click properties

Click advanced at the top.
Here, add a host header for any IP address attached to your server.
IP address: (select the first IP in the range)
Port: 80
Host Header Value: (blank)

You can repeat these steps to test up to 5 sites at once. Simply repeat the steps using a different IP address.

temporary IP, test website, propagation, test

We have a support demo available on our support center you can use to delete the accounts. Perform the steps in the reverse order.

delete domain

For your convenience we have provided you a temporary URL you can use to test website functionality before officially transferring the domain.

Open Internet Information Services Manager (IIS) on your desktop

Expand the server and websites

Right-click on the website you are working with and click properties

Click advanced at the top.

Here, add a host header for the temporary URL we have provided you.

IP address: (select the first IP in the range)

Port: 80

Host Header Value: (your temporary URL, ex. a00.protectedsite.net or AA100.temporaryurl.net)

This URL will only work on one website at a time so you will need to remove it from the first site before adding it to additional sites.

temporary, url, dns, propagation

You will need to use the Internet Information Services Manager (IIS) to import/export your certificate.

To Import the certificate from a .pfx file

Open Internet Information Services Manager (IIS) on your desktop
Expand the server and websites
Right-click on the website you are working with and click properties
Click the 'directory security' tab at the top then select Server Certificate'
Select 'Import a certificate from a .pfx file' and click next'
Browse the certificate
Check the option Mark cert as exportable'. This will allow you to export the certificate at a later date.
Click 'next'
Type the password used to export the certificate
Enter '443' for the SSL port
Click 'Next'
Click 'Next'
Click 'Finish'
Click the 'Web Site' tab at the top
Enter '443' for the SSL port if it is not already there.
Click 'ok'

To Export the certificate to a .pfx file

Open Internet Information Services Manager (IIS) on your desktop
Expand the server and websites
Right-click on the website you are working with and click properties
Click the directory security' tab at the top then select 'Server Certificate'
Select export the current certificate to a .pfx file' and click 'next'
Select the file to save the certificate to and click next'
Type and confirm the password
Click 'Next'
Click 'Next'
Click 'Finish'

ssl, import, export, csr, pfx

When you browse to a website and it does not prompt you for a password, it is using the Anonymous user privileges built into to Windows/IIS. To accomplish this task, you will remove the anonymous users using the Directory Security tab in IIS.

To add security you will first need to remove anonymous access from the website.

Open IIS
Right click on the website and click properties Click Directory Security at the top Uncheck the box at the top that ready allow anonymous access Click ok.
You will now be prompted for a username and password when you try to access the site.
The users it uses to authenticate are located in Computer Management Local Users and Groups

Once you add the user, you will need to add the appropriate permissions to the home directory of the website. For example, if we wanted to give john.doe access to the website www.daisysflowershop.com.

Create User

Open Computer Management
Browse to Local Users and Groups and click users Right Click users and click New User
Type in the username, password, and confirm password
Uncheck User must change password
Check User can not change password
Check Password never expires
Click ok'.
Apply Permissions

Locate the home directory of the website.

Open Internet Information Services Manager (IIS) on your desktop
Expand the server and websites
Right-click on the website you are working with and click properties
Click the Home Directory tab at the top of the screen
Note the directory and close IIS

Apply permissions to home directory

Open Windows Explorer
Browse to the directory located in the previous step
Right-click the directory and click properties
Click the security tab at the top
Click Add
Type the user you created, in this case, john.doe
Click ok'
Set the desired permissions for the user and click ok.
The same steps can apply to subdirectories/subfolders as well as virtual directories.

domain, security, authentication, anonymous

FLV files are not enabled if your FLV videos are not working or you are receiving the error:

NetStream.Play.StreamNotFound

In order to correctly display FLV files, you will have to add the appropriate MIME type to recognize the file.

Open Internet Information Services Manager (IIS) on your desktop
Expand the server and websites
Right-click on the website you are working with and click properties
Click the tab HTTP Headers
Click MIME Types
Click New and add the following MIME type
Extension: .flv
MIME Type: video/x-flv
Click ok', ok', and ok' to exit out.

flash, mime, flash video

A bad request (invalid hostname) usually means that IIS is not configured to accept requests for the URL you entered.

Open Internet Information Services Manager (IIS) on your desktop
Expand the server and websites
Right-click on the website you are working with and click
Click advanced at the top
Here you must list every URL this website will respond to. In most cases you will need two entries, one for www.daisysflowershop.com and one for daisysflowershop.com. An example of the correct entries is listed below.

IP Address: 127.0.0.1
Port: 80
Host Header Value: www.daisysflowershop.com

IP Address: 127.0.0.1
Port: 80
Host Header Value: daisysflowershop.com

bad request, hostname, host header, iis, web site, invalid

ASP.Net 2.0 is pre-installed on your server. All you need to do to enable it for a website is change the ASP.NET version in the website properties.

Open Internet Information Services Manager (IIS) on your desktop
Expand the server and websites
Right-click on the website you are working with and click properties
Click the ASP.NET tab
This tab will display the current .NET version. To change the version, click the down arrow in the drop down box and select the appropriate version.
Click 'ok'

Open Windows Explorer on the desktop.

Find the directory you need to adjust, right-click on it.
Click properties and then the security tab at the top.

You can add/remove/modify any needed permissions here

permission, read, write, execute, password prompt

The following users must have read access to any folder you want available from the web.

IUSR_webuser
IWAM_webuser
ASPNET
Network Service

You can adjust the permissions through the windows explorer.

Open Windows Explorer on the desktop.
Expand to your directory and right-click on it.
Click properties and then the security tab at the top.
You can add/remove/modify any needed permissions here

iusr, security, users, iwam

This error message means that there is not a default document available for the site.  By default the following default documents are setup.  If you do not have a file in your web directory named any of these, then IIS is unable to display a page when it initially loads.

Default.htm
Default.html
Default.asp
Default.aspx
Default.cfm
Index.htm
Index.html
Index.asp
Index.aspx
Index.cfm

To correct this you can rename your index file to match one of the above or your can add a default document to match a valid default document

To add a default document, open IIS on the desktop
Expand to the website you are having problems with
Right-click on the website and click properties
Click the default documents tab at the top
Click add and add the name of the file that you are using for an index including the extension. 
Ex. home.asp
Click ok and ok to close the menu.

virtual directory

By default the following default documents are setup.  If you do not have a file in your web directory named any of these, then IIS is unable to display a page when it initially loads.

Default.htm
Default.html
Default.asp
Default.aspx
Default.cfm
Index.htm
Index.html
Index.asp
Index.aspx
Index.cfm

To add a default document,
Open IIS on the desktop
Expand to the website you are having problems with
Right-click on the website and click properties
Click the default documents tab at the top
Click add and add the name of the file that you are using for an index including the extension. 
Ex home.asp

Click ok and ok to close the menu.

web site, index

Some firewall configurations prohibit FrontPage from sending encrypted passwords. To allow FrontPage to connect, you have to enable Clear Text Password support.

Open Internet Information Services (IIS) on the desktop

Expand the server and websites
Right-click on the website you are working with and click properties'
Click Directory Security at the top Click 'Edit' at the top Check 'Basic Authentication (password is sent in clear text)'
Click 'Ok'
Click 'Ok'

Stop and restart the website

This error is being generated because the web site in IIS does not have the appropriate permissions to run scripts such as ASP, CGI, or .Net.

Open Internet Information Services Manager (IIS) on your desktop

Expand the server and websites
Right-click on the website you are working with and click properties
Click the 'Home Directory' tab at the top.
Under execute permissions, change the permissions to the required setting.

none - no script access, meant for HTML and static websites
scripts only - allow script access such as ASP and ASP.Net
scripts and executables - allow access to run applications. Meant for CGI and ISAPI applications

asp.net, cgi, execute

To manage multiple sites on one IP address, you will have to use host headers to allow different IIS sites to listen for different requests.

Open Internet Information Services (IIS) on the desktop

Browse to the website you have setup and right-click and select Properties

Click advanced at the top

Add a host header appropriate to your situation.  Here the recommended setup for the domain daisysflowershop.com.  As you see below, you will need two host headers, one for the www and one for the root domain.

IP address: 10.15.1.10
Port: 80
Host Header Value: daisysflowershop.com

IP address: 10.15.1.10
Port: 80
Host Header Value: www.daisysflowershop.com

For further information, the following website will explain the Host Headers in detail

http://support.microsoft.com/?id=324287

You may be receiving the error message below.

Active Server Pages error 'ASP 0131'

Disallowed Parent Path

To enable parent paths

Open Internet Information Services Manager (IIS) on your desktop Expand the server and websites Right-click on the website you are working with and click properties

Click the 'Home Directory' tab at the top Click 'Configuration'

Click the 'Options' tab at the top

Place check next to 'Enable parent paths'

Click 'ok'

Click 'ok'

root, ../

In some cases you might need to run scripts on a simple HTML page.

Open Internet Information Services (IIS) on the desktop and expand Server and Web Sites

Right-click on the website you are working with and click properties Click the 'Home Directory' tab at the top and click 'configuration'
Click 'Add'
For the executable, enter 'C:\WINDOWS\system32\inetsrv\asp.dll'
Enter .htm for the extension
Click 'ok'
Click 'Add'
For the executable, enter 'C:\WINDOWS\system32\inetsrv\asp.dll'
Enter .html for the extension
Click 'ok'
Click 'ok'
Click 'ok'

asp, redirect

Open IIS.

1) Import certificate to IIS.

Click on the server name from the left panel.

Double Click on the Server Certificates icon on the main panel.

Click on Import from the right panel.

Enter the certificate path or browse to it by clicking on the “…” button.

Enter the password

Click OK.

2)Assign the certificate to the website.

Expand the Sites folder from the left panel.

Double click on the website.

Click on Bindings from the right panel.

Click on Add on the Site Bindings window.

Select https on Type, assign the corresponding IP address, and leave port as 443.

Select the certificate from the drop down meanu.

Click on OK.

Enterhost provides domains with the most current and secure 128-bit encryption technology developed. Our web servers support 1024-bit key lengths and 128-bit SSL connections for 128-bit SSL compatible web browsers. Our secure server software is Microsoft Internet Information Server.

Once you have created your custom error page and uploaded the file to your directory on the server, send an email to support@enterhost.com with the custom error type, filename and location of the file in your web directory. Our Support Team will promptly set this up for you.

Once you have created your custom error page and uploaded the file to your directory on the server, you may use the Enterhost Control Panel to set your Custom Error page path.

Login to the Enterhost Control Panel
Click on Site Manager
Click on Custom Errors
Edit the appropriate error type

If your plan does not give you access to the control panel, you may send your request to support@enterhost.com. Please include the custom error type, filename and location of the file in your web directory.

Make sure that your 'home page' or 'default page' has a name that our servers recognize as the default page:

default.asp
default.aspx
default.htm
default.html
index.asp
index.aspx
index.htm
index.html
home.asp
home.aspx
home.htm
home.html

ColdFusion Plans also have:

default.cfm
index.cfm
home.cfm

Server Extensions are included with the Microsoft Server 2003 Operating System.

To install the server extensions,

Login to your server via Remote Desktop
Click 'Start' and 'Control Panel'
Click 'Add/Remove Windows Components' on the left Click 'Application Server' and 'Details'
Click 'Internet Information Services' and 'Details'
Check 'FrontPage 2002 Server Extensions'
Click 'ok'
Click 'ok'
Click 'Next'

If the menu prompts for the Installation CD, enter e:\i386 for the directory and click 'Finish'

front page

Sub-domains can be added the same way as regular domains.  You can use the tutorial video "Setting up a new web and FTP site" in the URL below.

http://www.enterhost.com/support/dedicated/demos/index.cfm

When entering the domain name, use subdomain.domain.com.  When it asks for a path you can enter an existing path or a directory inside of an existing website.

subdomain, pointer

By default, the necessary users only have read access to the directories in the website. Some applications and components used for various tasks such as file uploads and logging will require write permissions in order to save a file on the server. If your code requires these permissions, you can use the walkthrough below to adjust them.

The IUSR_webuser is created by default and is used by IIS to authenticate the anonymous login. It allows IIS and the server to pass permissions back and forth. The user is already created with read permissions but it needs to be able to write as well.

Open windows explorer,
Browse to the home directory of your website and then to the folder you want to be able to write to.

Ex, E:\Inetpub\daisysflowershop\web\ directory Right-click on the folder you need to modify and select 'properties'
Next, click 'security'
Find the IUSR_webuser, check 'modify' under 'allow'
Find the ASPNET, check 'modify' under 'allow'
Find the IWAM_webuser, check 'modify' under 'allow'
Click 'ok'

You will need to edit the properties of the website in IIS to setup the custom 404
Open Internet Information Services (IIS) on the desktop of your server
Right-click on the website you are working with
Click 'Properties'
Scroll to the error you would like to adjust, ex 404, Not Found and double-click on the error
Click the drop down menu at the top and click 'URL'
Type in the URL for the page you will be directing to, ex /404.asp.
Click 'ok'

Custom error, 404, not found

Your copy of Server 2003 includes IIS6, which operates on a secure-by-default security method. IIS blocks CGI and ISAPI extensions by default in order to enhance security. You will need to set these extensions as allowed in IIS.

Open Internet Information Services (IIS)
Expand Web Service Extensions on the left.
Review the security settings and allow any required extensions.

A restart is not required, but it is suggested to ensure IIS picks up the new settings.

First, you will need to ensure IIS will allow CGI to run. Please refer to the following FAQ for more information: http://www.enterhost.com/support/dedicated/knowledgebase.cfm?category=18#100429

Next, you will need to create the directory and assign it the correct permissions.

Create the cgi-bin folder in the website directory.

Open Windows Explorer on the desktop
Browse to the user's Inetpub directory.
Create a new folder named 'cgi-bin' inside of the web folder

If you will be writing to this folder, you will need to enable write permissions as well
Right-click on the folder and click 'properties'
Click on the 'Security' tab at the top
Ensure the following users have 'Modify' permissions
IUSR_webuser
IWAM_webuser
ASPNET
Click OK

Set the appropriate permissions in IIS

Open Internet Information Services (IIS) on the desktop
Find the website you are working with and expand the folders
Right-click on the cgi-bin directory and click 'properties'
Change the Execute Permission to read, 'Scripts and Executables'
Click 'ok'

MIME Types are used to allow the webserver to process files with unknown file extensions.

Login to your server through Terminal Services or Remote Desktop Connection.
Open Internet Information Services (IIS) on the desktop
Expand the Server Name and then Web Sites to find the website you are working with
Right-click on the domain name and select Properties
Click the HTTP Headers tab at the top

Click New.
Enter the information for the MIME Type you are adding

Extension - the file type extension. (ex, .flv)
MIME type -  (ex, video/x-flv)

Click ok

The reason you receive this is because the IUSR_WEBUSER password in Computer Management does not match the password in IIS for the IUSR_WEBUSER. To correct this, follow the steps below.

Changing the IUSR_WEBUSER password in Computer Management
1. Login to the dedicated server.
2. Open up the Computer Management tool one of two ways:
a. Double click on the Computer Management icon
located on the servers desktop.
b. Click Start-Administrative Tools-Computer Management
3. Under the System Tools tree, expand the Local Users and Groups
tree
4. Click to open the Users folder and locate the IUSR_WEBUSER name
in the right pane.
5. Right-click the IUSR_WEBUSER name and then click Set Password.
6. The Set Password for IUSR_WEBUSER window will appear, click
Proceed
7. Type the New Password and Confirm Password for the user and
click OK.
8. Close the Computer Management Window

If you have multiple sites, skip to the section titled, “Changing the IUSR_WEBUSER password in IIS with multiple sites”

Changing the IUSR_WEBUSER password in IIS with only one site
1. Open up the internet Information Services (IIS) Manager tool one of two ways.
a. Double click the IIS icon located on the servers desktop.
b. Click Start-Administrative Tools-IIS
2. Expand the local computer and then expand the Web Sites folder
3. Right-click on the domain that you are receiving the Windows
Login screen and then click Propterties.
4. Click on the Directory Security Tab located on the top of the
Domain Properties window
5. Inside the Authentication and access control box, click Edit
6. The Authentication Methods window will appear, inside the
Enable anonymous access box change the password for the
IUSR_WEBUSER, and then click OK
7. Click Apply, and then OK
8. Close out of IIS and then test browsing to the site

Changing the IUSR_WEBUSER password in IIS with multiple sites
1. Open up the internet Information Services (IIS) Manager tool
one of two ways.
a. Double click the IIS icon located on the servers desktop.
b. Click Start-Administrative Tools-IIS
2. Expand the local computer and then right-click on the Web Sites
folder and click on Properties
3. Click on the Directory Security Tab located on the top of the
Web Sites Properties window.
4. Inside the Authentication and access control box, click Edit
5. The Authentication Methods window will appear, inside the
Enable anonymous access box change the password for the
IUSR_WEBUSER, and then click OK
6. Click Apply, and then OK
7. Close out of IIS and then test browsing to the site

Anonymous FTP is disabled by default on your server.  If this feature is enabled, outside intruders can and will obtain access to your server without having a valid account.  Anonymous access can result in bandwidth overages and malicious files being placed on the server.

To verify it is disabled, please use the instructions below:

Open Internet Information Services Manager (IIS) on your desktop
Expand your webserver
Right-click on “FTP Sites”
Click the ‘Security Accounts’ tab
Ensure “Allow anonymous connections” is NOT checked
Click ‘OK’

Expand FTP Sites
Right-click on ‘FTP’
Click the ‘Security Accounts’ tab
Ensure “Allow anonymous connections” is NOT checked
Click ‘OK’

Repeat this step for any additional FTP sites you have created

If you find this setting is enabled, you will need to disable it immediately and restart your server.  Once the server returns online, check the home directory that had the FTP Anonymous access  allowed on for any uploaded files and remove them.  The default home directory is e:\default\ftproot

Anon, FTP

Create File Folder
Double-click the My Computer icon on the desktop and browse to the E drive
Double-click Inetpub
Click 'File' and 'New Folder'
Type the name of the website, ex. daisysflowershop
Double-click the new folder
Click 'File' and 'New Folder'
Type 'web' to store the web files and press enter

Click 'File' and 'New'
Type 'data' to store the data files and press enter
Close Windows Explorer

Create Web Server
Open Internet Information Services (IIS) Manager on the desktop of your server
In the 'Connections' navigation pane, expand the webserver listed
Right-click on 'Sites' and select 'Add Web Site'
Enter the site name and physical path

Under 'Binding', select the IP address the site will use and type in the hostname for the site. This will be the full domain of the site, ex www.daisysflowershop.com

IIS will automatically create an Application Pool based on the name you enter for the site name. If you would like to use a pre-existing application pool, click select and select the app pool you would like to use.

Click 'Ok' when finished.

Adjust Bindings
Once the website is created, select it on the left
Right-click the new website and click 'Edit Bindings'
Click 'Add'
Select the IP address of the website and enter the domain name without the 'www' you entered in the previous step, ex daisysflowershop.com
Click 'Ok'
Now, you should have two bindings entered. One will be listed with the www and another without
Click 'Close'

Host Headers in II7 are referred to as ‘bindings’
Open Internet Information Services (IIS) Manager on the desktop of your server
In the ‘Connections’ navigation pane, expand the webserver listed
Expand ‘Sites’
Right-click on the website you are working with and click ‘Edit Bindings’
You will use this screen to edit the bindings associated with this site

FrontPage Server Extensions 2002 are no longer included with the Operating System and must be downloaded separately.

http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1531

To set or change the IP address for a website, please perform the following:

1) Open the Internet Information Services (IIS) Manager

2) Right Click on the website and choose "Properties"

3) Select the "Web Site" tab

4) Click "Advanced" to the right of IP Address

5) Modify the IP entries associated to the domain that you want particular Host headers to resolve to.

6) Press "OK"

7) Press "OK"

As a reminder, please ensure that your DNS entries for the domain have been updated to reflect the IP change.

By default, FTP operates on port 21. If you wish to change this for security purposes it can be done within IIS:

1. Open IIS.
2. Expand FTP Sites.
3. Right click on FTP and select Properties.
4. Specify an alternate port in TCP port field.

The port chosen will need to be open according to your firewall template. Please see the following link for a listing of open ports:

http://www.enterhost.com/support/dedicated/knowledgebase.cfm?category=14#100339

This error can occur within IIS when there is a misconfiguration of the HTTP Listen List. Normally, IIS will listen and bind all available IP addresses on a server. If an IP address is added into the HTTP Listen List, this will actually cause IIS to ONLY listen to IPs mentioned within the list.

If you have websites attempting to run on your server for IPs that are not within the HTTP Listen List, the following errors may occur:

Cannot register the URL prefix ' for site '. The necessary network binding may already be in use. The site has been deactivated. The data field contains the error number.

Cannot register the URL prefix ' for site '. The site has been deactivated. The data field contains the error number.

Cannot register the URL prefix ' for site '. The IP address for the site is not in the HTTP.sys IP listen list. The site has been deactivated. The data field contains the error number.

=================================

While you can add IPs to the Listen List by entering "httpcfg set iplisten -i x.x.x.x" (where x.x.x.x is an IP address on your server), this will not always resolve the issue. If IIS continues to fail to start a site after the IP is listed, please perform the following:

1) Click Start, click Run, type regedit, and then click OK.

2) Locate and then click the following registry key:

HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters 3) Right-click Parameters, point to New, and then click DWORD Value.

4) Type DisableEndpointSharing, and then press ENTER.

5) Right-click DisableEndpointSharing, click Modify, type 1 in the Value data box, and then click OK.

6) Delete any entries in the IP Listen list.

==================================================================

** To complete this action, you must have the Microsoft Windows Support Tools installed.

==================================================================

To determine whether any IP addresses are listed, open a command prompt, and then run the following command: httpcfg query iplisten

If the IP Listen list is empty, the command returns the following string:

HttpQueryServiceConfiguration completed with 1168.

If the command returns a list of IP addresses, remove each IP address in the list by using the following command: httpcfg delete iplisten -i x.x.x.x

** In this command, the placeholder x.x.x.x represents the IP address that is listed in the IP Listen list.

If the deletion command succeeds, it returns the following string:

HttpQueryServiceConfiguration completed with 0.

7) Click Start, click Run, type cmd, and then click OK.

8) At the command prompt, type NET STOP HTTP /y, and then press ENTER.

9) At the command prompt, type iisreset /restart, and then press ENTER.

After this, the sites within IIS should be started.

** This change will have no effect if the HTTP.SYS IP Listen list contains any entries.

==================================================================

Refrences: http://support.microsoft.com/kb/892847/

Silverlight files are not enabled if your Silverlight applications are not working or you are receiving errors. In order to correctly display Silverlight files, you will have to add the appropriate MIME type to recognize the file.

Open Internet Information Services Manager (IIS) on your desktop
Expand the server and websites
Right-click on the website you are working with and click properties
Click the tab HTTP Headers
Click MIME Types
Click New and add the following MIME type
Extension: .xaml
MIME Type: application/xaml+xml
Click New again and add the following MIME type
Extension: .xap
MIME Type: application/x-silverlight-app
Click ok', ok', and ok' to exit out.

Permissions issues can cause SmarterMail to throw an error to a browser and Event Viewer when accessed. If you receive a "Server Application Unavailable" message when attempting to browse to the website or Admin Control Panel, please verify that ASP.NET 2.0 is assigned to SmarterMail within IIS and that the site exists within its own Applicaton Pool or one shared only by other 2.0 sites.

If the problem persists, check the Event Viewer for the following Error reports:

============================
Failed to execute request because the App-Domain could not be created. Error: 0x80070005 Access is denied.
============================

AND

============================
Failed to initialize the AppDomain:/LM/W3SVC/[siteID]/Root

Exception: System.IO.FileLoadException

Message: Could not load file or assembly 'System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' or one of its dependencies. Access is denied.
============================

If both of these errors exist within your Application Event Logs, you will need to recreate the NTFS permission to the IIS_WPG group and ISUR_WEBUSER account.

To create these permissions, please follow the steps below:

1) Browse to E:\Program Files\SmarterTools\SmarterMail
2) Right-Click on the MRS folder
3) Select "Properties"
4) Click on the "Security" tab
5) Click "Add"
6) Type the following: IIS_WPG
7) Press "OK"
8) Highlight "IIS_WPG" in thelist of Groups and usernames
9) Click Allow for "Modify" (this should also select all permissions below it except Special Permissions)
10) Click "Add"
11) Type the following: IUSR_WEBUSER
12) Press "OK"
13) Highlight "IUSR_WEBUSER" in thelist of Groups and usernames
14) Ensure that only Read & Execute, List Folder Contents and Read are Allowed for this account
15) Press "OK"

How do I migrate my DNS zone to a new server?

To move the primary Microsoft DNS server configuration to a new server, please perform the following:

1. Stop the DNS Server service on both DNS servers.
2. Copy the entire contents (subfolders included) of the %SystemRoot%\System32\DNS folder from the source server to the destination server.
3. On the current DNS server, start Registry Editor (Regedit.exe).
4. Locate and click the following registry subkey: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\DNS\Zones
5. Export the Zones entry to a registry file.
6. Locate and click the following registry subkey: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\DNS Server\Zones
7. Export the Zones entry to a registry file.
8. Cope the saved registry files from the source server to the destination server.
9. On the destination DNS server, double-click each registry file to import the Zones subkeys into the registry.
10. On the destination DNS server, start the DNS Server service.
11. On the destination DNS server, run the following command at a command prompt: ipconfig /registerdns

NOTE: The new server will not have the same IP addresses as the original server. Please be sure to update the information with your Domain Registrars to ensure that the lookups for the Name Servers reflects the changes.

Microsoft provides a utility called the Debug Diagnostic Tool which can be used into isolate the cause of these crashes. Once it is installed, follow these directions to generate a crash report:

1. Click Start, point to Programs, point to IIS Diagnostics, point to Debug Diagnostics Tool, and then click Debug Diagnostics Tools 1.0.
2. Click Crash, and then click Next.
3. Select the desired Target Type, and then click Next.
4. In the Advanced Configuration (Optional) dialog box, click Next.
5. In the Select Dump Location And Rule Name (Optional) dialog box, click Next.
6. Click to select the Activate the rule now check box, and then click Finish.

http://support.microsoft.com/kb/919789

If the ASP.NET tab is missing from the properties pages of your websites, follow the steps below to restore it:

1. Shut down the IIS Admin Service
2. Edit the metabase.xml file at c:\windows\system32\inetsrv in notepad
3. Search for and delete the line containing the text: Enable32BitAppOnWin64="TRUE"
4. Save the file
5. Restart the Server

Check your Windows Add/Remove Programs for the presence of .NET 3.5 SP1. This revision of .NET introduced changes that are incompatible with Helm 4.0.

To correct this, remove all version of .NET back to version 1.1 and then reinstall .NET 2.0. Set Helm's website properties in IIS back to version 2.0. This should allow Helm to open.

Download and install the Helm 4.1 update:
http://download.webhostautomation.net/Helm4.1/doc/en-US/helm-4.1-quick-installation-guide/17654.htm

Once Helm has been updated .NET 3.5 SP1 can be reinstalled.

You will have to modify the registry. It is recommended to make a backup of your registry before starting.

To open the Registry Editor click on Start, select Run, type regedit, and click OK.

The following steps will disable SSL2 (server), to disable the rest of the protocols and ciphers follow the same steps but in the corresponding folder.

Expand to the next key:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
Right Click on the right pane, select new, and select the DWORD value type.
Name the new entry Enabled.
By default the data value will be 0x00000000(0), if not double click the new entry and enter a 0 as a value.

The following is a list of protocols and weak ciphers. The new PCI standard requires ciphers to be larger than 80 bit. Disable any ciphers that include a number lower than 80 in the name, for example “40/128” and ‘56/56”. If you see more ciphers not included in the list and are below the 80 bit limit disable them as well. Reboot the server after the changes.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Client]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\PCT 1.0\Server]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\DES 56/56]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\NULL]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 40/128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC2 56/128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 40/128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\RC4 56/128]

For more information see:
http://support.microsoft.com/kb/187498
http://support.microsoft.com/kb/245030

SQL Injection is the act of a malicious user exploiting a weakness in a website's code. It is normally done to either insert code into a site or database, or gain access to sensitive information. Here is a simplistic example that demonstrates how it works:

There is a login field on a website. A malicious user stops by and enters admin for the username. Instead of trying to guess the password, they use a SQL snippet for the password: ' or 1=1--

The statement '1=1'; will always validate as true, so they're able to log in without knowing the password.

How can I protect my website?

Implement checks that validate and sanitize the user's input. Block common malicious characters like ' ; = *. Also disallow SQL keywords like SELECT, TABLE, DROP, etc.

Do not allow direct SQL queries from URLs. For example: http://yourwebsite.com/search.asp?category=users' or 1=1--

For more information, see:
http://www.governmentsecurity.org/articles/SQLinjectionBasicTutorial.php
http://www.securiteam.com/securityreviews/5DP0N1P76E.html
http://msdn.microsoft.com/en-us/library/ms998271.aspx

IIS can be configured so that it serves custom 404 pages rather than the default that ColdFusion produces. To enable these on a per site basis:

Open IIS
Right click on a website and select Properties
Click the Home Directory tab
Click Configuration
Select the ColdFusion wildcard mapping and click Edit
Check the box labeled ‘Verify that file exists’
Click OK