Posts

Showing posts with the label iis

URLScan and UseFastPathReject fix to stop disclosure of sensitive information

There is a flag in URLScan 3 to stop URL Scan redirecting dodgy requests and instead sending back a 404 response quickly, this is "UseFastPathReject=1" (by default it is 0) The issue outlined: http://www.securityfocus.com/bid/7767/info The fix explained: http://www.securityfocus.com/archive/1/323389
Post a Comment
Read more

How to back up the IIS 7 Configuration

How to back up the IIS 7 Configuration Remember it used to be called a metabase? Open a command prompt with Run as Administrator then cd to %windir%\system32\inetsrv. appcmd add backup. The system will name it for you by using a date, time format and pop it in %windir%\system32\inetsrv\backup. Done.
Post a Comment
Read more