Kevsters Blog

My little part of the Internet

Tag: IIS7

Change of Platform

Having run this blog and others on Community Server for quite a while not,  I decided it was time for a change.
As this sites only used for blogs (no media, forums etc) there did not seem much point in continuing running the site on CS.  In addition, for some reason they have decided to remove support for running multiple ‘virtual’ CS sites within the same database.  Also I have issues with the stability, updates etc.  Hence moving this to WordPress.
Lets see how it goes……

ASP.Net and SharePoint

Its taken me long enough but finally had a reason to write some true ASP.Net code.  One problem I hit was that trying to run code on a server that is running SharePoint Services …. so you need this exceprt….
 You may see this error:

An error occurred during the processing of /test.aspx. Code blocks are not allowed in this file.

Reason:  SharePoint does not allow server side code to execute in aspx pages contained in the SharePoint site.
Fix:  Edit the web.config (I.E. C:InetpubwwwrootwssVirtualDirectories80web.config) file:

<PageParserPaths>
        <!– To allow a single file: –>
        <PageParserPath VirtualPath=”/test.aspx” CompilationMode=”Always” AllowServerSideScript=”true” />
        <!– To allow global: –>
        <PageParserPath VirtualPath=”/*” CompilationMode=”Always” AllowServerSideScript=”true” />
        <!– To allow global within a subsite: –>
        <PageParserPath VirtualPath=”/websitefoobar/*” CompilationMode=”Always” AllowServerSideScript=”true” />
</PageParserPaths>

Controlling SSL Ciphers on Windows 2003/2008 Server

On Windows 2003/2008 Servers running anything over SSL (ie HTTPS) via applications like IIS, Terminal Services (SP1+) and ISA Server even if the application can set ‘Force 128bit encryption’ other weak ciphers are still availible on the server.
 To stop this:
1) Backup your registry or at least export the key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNEL
2) Copy below into a text document and rename to .reg

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsPCT 1.0Client]
“Enabled”=dword:00000000

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsPCT 1.0Server]
“Enabled”=dword:00000000

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsSSL 2.0Client]
“Enabled”=dword:00000000

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELProtocolsSSL 2.0Server]
“Enabled”=dword:00000000

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELCiphers]
“Enabled”=dword:00000000

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELCiphersDES 56/56]
“Enabled”=dword:00000000

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELCiphersRC2 40/128]
“Enabled”=dword:00000000

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELCiphersRC4 40/128]
“Enabled”=dword:00000000

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELCiphersRC4 56/128]
“Enabled”=dword:00000000
 

3) Double click the .reg file to run and answer Yes to dialog
4) Confirm working ciphers.  A good site is http://www.serversniff.net/content.php?do=ssl 
 Have fun

© 2018 Kevsters Blog

Theme by Anders NorenUp ↑