I have developed an ASP.NET web application and have deployed it to a
production server. The web application has only a single page with the
page_load event having no code in it. The virtual directory in IIS is setup
with anonymous access only. The user that virtual directory is ...

When only port 443 is open for OWA is does not work. When i open port 80 and
port 443 is work. Can anyone tell me why?
Windows 2003 server
Exchange server 2003

Is basic authentication useful against automated attacks (e.g. those
attacks using buffer overflows).  
Regards,
Bulent

I am new to this employer.  They have an IIS 5.0 Server in a DMZ that is a
member of workgroup not domain.  The name of workgroup is same as domain.  
Script writes route to internal domain ip range through firewall.
I have researched this type of practice in MS technet and found ...

Hi. I've been running into a problem with one of my customers. For some
reason whenever we do a reboot on our customers machine I am required
to open IE and try to go to his web pages before they start working
again. I don't even have permissions to access his web pages and I get

Hello! I'm trying to figure out if there's a way to determine what pages
have been set for SSL on my site. The site consists of a couple of thousand
pages (a university site) and we're developing a new site for launch in the
summer. Naturally, I want to be sure we set SSL on the ...

What are the security risks with a webserver having one nic into the dmz on
the firewall and the other nic into the production network, with the
webserver belonging to the domain, but logged on locally at all times.
I am assuming that in order to get it to retrieve the info from a ...

I have an Intranet Web site which generates an HTML document on the
server-side, and then, on the client-side, runs MS Word, which opens this
HTML document, adds some Word formatting, prints it, and then saves it (via
the http://host/site/folder/file.doc from which it was ...

I get this message in some browsers when I go to
http://www.mysite.ac.uk/mysite which is meant to redirect to
https://www.mysite.ac.uk/mysite: "specified request cannot be executed from
current Application Pool". I think there is an answer to this somewhere but I

Hi ! I've experienced a bad problem with user authentication on a
custom asp.net application running on a windows 2003 server.
This is the scenario.
There is a windows 2003 server with SP1 and IIS 6.0 on which are

I followed David Wang's instructions but for some reason I can not get
past the redirect... It does fire from HTTP to HTTPS without any
trouble ... but it just sits on the error page ...
<%

hello. i disabled the file system object for my iis 6. but i have a search
code for my site  written by asp that uses the fso.
if  i enable fso,  other users who upload their files by ftp to server read
others files, server's system info, drives etc.

I have an ASP.NET site hosted on an SBS 2003 server.  The server is a day old
and no changes have been made to IIS with respect to user rights, etc.
I have configured IIS_WPG to have the rights necessary to access what needs
to be accessed on my site folder.  I have set this up ...

I want to create a WebService which belongs to a custom application
pool & doesnt allow anonymous access.
I created a user Named "TestUser", and added it to the IIS_WPG group.
Then i created a new application pool "TestAppPool" which is run by

I need a tutorial that shows me step-by-step how to set up my IIS so that it
will be safe.
I mean something like this
http://www.windowsecurity.com/articles/Installing_Securing_IIS_Servers_Part1.html