Add IIS URL Rewrite

By default IIS is missing the URL rewrite.

Looking at a fresh install of IIS admin view, the icon which should be found within the section, IIS, is missing.

Having gone through the sequence to add asp.net as detailed in the article Adding ASP.NET Features to IIS7.5, I expected to find it as an option here.

Adding ASP.NET Features in IIS 7.5 Including ASP.NET

But it’s not listed.

To add this visit the page https://www.iis.net/downloads/microsoft/url-rewrite and follow the instructions, downloading and running the module.

Here’s a view of the IIS admin screen with the URL Rewrite icon, sitting between the Server Certificates and Worker Processes on the bottom row of the IIS section.

Add IIS URL rewrite, icon added

 

 

Adding ASP.NET Features to IIS7.5

By default Windows 7 IIS is missing the asp.net features, shown above the IIS section in the control panel

The control panel is shown below with only the IIS options and Management options.

Adding ASP.NET Features in IIS 7.5

To add the asp.net features. Begin by opening the control panel and selecting from the Programs section the option Turn Windows features on and off.

Adding ASP.NET Features in IIS 7.5 Windows Features

Click on the checkbox for ASP.NET.

 

Adding ASP.NET Features in IIS 7.5 Windows Features add ASP.NET

There’s a dialogue window confirming that the amendment is taking place:

Please wait while Windows makes changes to features. This may take several minutes.

You may find that this takes a few minutes. Wait whilst the dialogue completes.

I have read that IIS is to be restarted for the change to show. However, for me it was sufficient to close the management window and reopen it once more.

 

Adding ASP.NET Features in IIS 7.5 Including ASP.NET

 

Whilst the control panel ASP.NET section is missing by default its easy to add it in, following the steps above beginning with the control panel.

 

web.config Redirect non-www to www

That often looked for website redirect from the non-www version of the website URL, address, to the www version.

In this case the redirect is for a Windows hosted website, using the web.config file to set the redirect rules.

I wish to avoid adding the redirect within the website coding. By taking advantage of the redirect rules within the web.config file. This will make them readily available and can be edited without recompiling the website code.

Access your website either using FTP or the editor/manager within the housing website control panel.

The file to be edited is located at the root of the website. This may be a directory down. Check if you have a directory such as public_html.

It’s easier to edit the content of the web.config file of is laid out correctly and colour coded. An HTML editor will make your life easier when editing.

Shown below is the code to add the redirect of the non-www address to www to be added to the web.config asp.net website configuration file:

<rewrite>    
    <rules> 
        <rule name="Canonical" stopProcessing="true"> <match url=".*" /> 
            <conditions> 
                <add input="{HTTP_HOST}" negate="true" pattern="^www\.([.a-zA-Z0-9]+)$" /> 
            </conditions> 
            <action type="Redirect" url="http://www.{HTTP_HOST}/{R:0}" redirectType="Permanent" /> 
        </rule> 
</rewrite>

The above is to be added within the section <system.webserver>

As as a bonus below is the HTTPS version too!

<rewrite>    
    <rules> 
        <rule name="Redirect to HTTPS" stopProcessing="true"> 
            <match url="(.*)" /> 
            <conditions> 
                <add input="{HTTPS}" pattern="^OFF$" /> 
            </conditions> 
            <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" /> 
        </rule> 
    </rules> 
</rewrite>

Putting this all together gives:

<rewrite>    
    <rules> 
        <rule name="Canonical" stopProcessing="true"> <match url=".*" /> 
            <conditions> 
                <add input="{HTTP_HOST}" negate="true" pattern="^www\.([.a-zA-Z0-9]+)$" /> 
            </conditions> 
            <action type="Redirect" url="http://www.{HTTP_HOST}/{R:0}" redirectType="Permanent" /> 
        </rule> 
        <rule name="Redirect to HTTPS" stopProcessing="true"> 
            <match url="(.*)" /> 
            <conditions> 
                <add input="{HTTPS}" pattern="^OFF$" /> 
            </conditions> 
            <action type="Redirect" url="https://{HTTP_HOST}/{R:1}" redirectType="SeeOther" /> 
        </rule> 
    </rules> 
</rewrite>    

Technically it’s a 301 or 302 redirect. Looking at the code above it can be seen that I’ve used the redirectType parameter value of permanent showing the redirect to be of type 301. web.config rewrite rules to permanently redirect non-www to www.

Change Windows 2008 User Password Lost Current Password

Having lost the current password for a Windows 2008 server user account. How do I change the password?

If I follow the control panel link to the user and look to reset the password, a part of the dialogue requires entry of the current password. Which I didn’t have!

Its possible to get around this requirement from a command prompt.

Right click on command prompt, from the menu, and select to run as administrator

Enter

net user username *

When asked, enter the new password, and re enter for confirmation.

Obliged to confirm that the password change is correct and the anticipated value has been entered I once more tried logging in with a remote desktop session from another computer.

Using the command prompt as opposed to the user control panel I was able to reset a user password without the knowledge of the current password.

 

IIS Adding Support for Font Families

By default IIS doesn’t support all of the font family types used in CSS. Additional media support entries may be required.

Below is a typical font family definition, as used within a CSS file.

@font-face {font-family: 'my-font';src:
    url(inc/fonts/my-font.otf) format('truetype'),
    url(inc/fonts/my-font.eot) format('eot'),
    url(inc/fonts/my-font.woff) format('woff');}

Whilst configuring a website hosted on Windows server I found that Internet Explorer wasn’t adopting the specified font family.

I checked the HTML and CSS on a Linux server with Apache. All was well and Internet Explorer was showing the correct font, confirming that my definitions were correct, no spelling errors or missing characters.

Using Firebug on Firefox I was able to see that the woff file was being requested but not downloaded.

By adding the media type for woff to IIS I was able to resolve this problem.

Add font Media Type

Font media types are added to IIS as per any media type.

IIS adding font familiy support

From within the IIS manager select the server root in the left menu to show its home menu, with options for IIS, management and not shown in this view, ASP.NET, FTP.

IIS adding font familiy support mime types

Click on the MIME Types, within the IIS section to show a list of those configured.

IIS adding font familiy support add mime type

At the top right corner click on Add.

IIS adding font familiy support add mime type woff

To add a new MIME type enter the extension and the MIME type within the Add MIME Type popup window:

IIS adding font familiy support mime types includes woff

The addition of the woff font added to the list of installed MIME Types.

IIS Media Types

The table below gives the media types for the common font types

Extension Media Type
.eot application/vnd.ms-fontobject
.ttf application/octet-stream
.otf application/font-sfnt
.svg image/svg+xml
.woff application/font-woff
.woff2 application/font-woff2

Looking at the IIS mime support for the font types I observed the following default font support:

Media Type Extension Configured by default
TrueType .ttf Yes
Embedded OpenType .eot Yes
OpenType .otf No
Web Open Font Format .woff No

Windows RDP Change User Password

In a remote desktop session (RDP) accessing the account password settings with <CTRL> + <ALT + <DELETE> is not available. An alternative method is required.

On a Windows computer pressing <CTRL> + <ALT> + <DELETE> provides access to profile settings such as the user password.

From within remote desktop the <CTRL> + <ALT> + <DELETE> key combination is transferred back to the parent computer, with loss of control from the active remote desktop session.

Therefore a different key combination to the usual ctrl alt del is required to access the user password configuration when used from within a remote desktop session.

I found that using the key combination <CTRL + <ALT> + <END> leaves the remote desktop active, focus is not withdrawn back to the parent computer. The active screen is replaced by a summary action  screen showing the options:

  • Lock this computer
  • Log off
  • Change a password…
  • Start Task Manager

Click on Change a password. On the following screen enter the existing password, followed by the new password and a second entry to ensure that it was typed correctly. Click on OK to complete.

From within a Windows RDP I am able to update an expired password. However, for Android and Linux originated sessions I find that access to the server is not given.

Regularly updating your password is good security practice and ensures that Windows doesn’t lock you out following the expiry of the current password.

HTTP Error 503. The Service is Unavailable

Re-activating an old website on IIS the browser showed HTTP Error 503.

More fully the error given within the browser was:

HTTP Error 503. The Service is Unavailable

The website was a development site which had been stopped and was now to be re-activated.

Reviewing the IIS settings for the website, nothing looked to be wrong. It was running.

A review of the assigned application pool showed this to have also been stopped , at the time the website was taken off-line.

This error was caused by the application pool not being enabled in IIS.

In IIS click on the Application Pools menu item in the left hand tree menu to show a list of the Application Pools.

If the application pool is stopped, click on its line item and then in the right column click on Start.

IIS8 add Server Certificates Icon

By default the Server Certificates icon, along with many more, is missing. The missing icons are added through the Add Roles and Features Wizard.

As a part of installing a certificate on IIS 7 there is the requirement to double click on the Server Certificates icon within the central pane in the IIS control panel.

Begin by clicking on the Server manager Icon located in the bottom bar. In the Add Roles and Features Wizard window click on Next to move forward showing the Installation Type.

From the wizard select Role-based installation.

IIS7 Server Certificates Add Roles and Features Wizard

Select webserver (IIS) followed by then web server security and its sub section of client certificate mapping authentication,

iis7 Server Certificates Add Roles and Features Wizard

Follow the remaining steps as appropriate passing through server select, Server Roles and Features, confirmation and results.

Clicking on Install I have found that whilst the message indicates that the window may be closed – it can’t be.

Also don’t give up hope the feature will be installed, it just seems to take an inordinate amount of time.

Windows 2012 Server Change Administrator Password

Changing the Windows Server 2012 Administrator password via a Remote Desktop RDP connection as actioned via the Local Users and Groups section of the Computer Management.

To access the Computer Management hover in the top right corner of the desktop to get the three icons: Search; Start and Settings; to appear at the right edge of the screen. click on the Search icon and enter Computer Management in the box.

Windows 2012 Server Change Administrator Password
Click on the Computer Management search result, shown at the left, below the Apps title in the image above.

Windows 2012 Server Change Administrator Password Computer Management

In the Computer Management console expand the section Local Users and Groups in the tree menu at the left hand side. click on Users to show the available users.

Windows 2012 Server Change Administrator Password Local Users Groups

Right click on the Administrator account and select Set Password from the pop-up menu.

Windows 2012 Server Change Administrator Password Set Password

This will open a pop-up alert message warning. Click on Proceed to access the Set Password for Administrator window

Windows 2012 Server Change Administrator Password set Password for Administrator

Finally enter the new password in both fields and click on OK.

How to Fix Bad Request (Invalid Hostname)

The Bad Request error is most likely due to a missing entry in the bindings for an IIS site instance.

The error is shown simply in the browser with no other content as:

Bad Request (Invalid Hostname)

To correct the error the website URL is to be added to the site’s bindings.

On the web server open the IIS manager.

At the left expand the treeview menu of sites to show the site with the associated error.

Click on this site to show its property icons in the middle screen and items such as bindings, permissions and settings in the narrow pane at the right.

Click on the bindings icon.

In the pop-up Site Bindings window review the entries. ensure there are entries for the domain with (and without) www.

If you are running the popular  DotNetNuke CMS the follow-on error may be

404 – File or directory not found.
The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.

This is caused by having the correct bindings in IIS but the DNN CMS not having the necessary entry to handle the domain.