Binding a website that already uses required port.
Hello devs, I hope you are having a great day. I have already developed a website that runs on port 8081 in localhost. When i start a new site in IIS and set 8081 as the port in the bind section(which is already open via the website), I receive the error that the port is already in use. My question is how can I connect my domain to the local host and specified port in IIS or any other application. The IIS has a default website(which brings the welcome page up) and by using that the connection between domain and server is assured(name servers are set and ready). If only the IIS could relay all traffic to the localhost and port 8081 of the server, my problem would be solved. I have attached some pictures for better understanding. Thank you in advance Best wishes, Sahand -As you see in this picture my website has started and working in the specified IP and port. ,-In this picture while binding the new website to port 8081 the IIS refuses to start the site with this error(port 8081 is already in use by my website).IIS port problem
Hi everybody! My company would like to use MantisBT and i got the task to setup mantis but i have some problem with it. I would like to run MantisBT on port 443 (https) but one application already use this port. (This application isn't based on IIS). The server which should run MantisBT has two network cards and using Windows Server 2019. The first (x.x.x.1) is used by the necessary monitoring application, the other one (x.x.x.2) should used by MantisBT. The problem is if i bind x.x.x.2 IP to port 443 than i got an error message: The process cannot access the file because: it is being used by another process.(Exception from HRESULT: 0x80070020) Any idea what should i do? Can you give me step by step advice? Thank you. Have a nice day! PNHow to integrate with Angular ngCspNonce`
Good Day I'm trying to set up CSP Nonce support with Angular, using IIS on Windows-based Azure App Service Plans. I can't switch to a different web server due to other requirements, so I'm stuck with IIS. What I need to configure is a replacement for 'nonce-random_nonce_value' In Apache or Nginx, this is trivial, but on IIS how do I tell it to replace "nonce-random_nonce_value" with "nonce-<blah-long-hash>". Thanks
No remote management of IIS on Server Core
Hi, I have three VMs running on a Server 2022 Hyper-V host: Windows 11 for management, Server 2022 as a domain controller and Server 2022 Core for Exchange 2019. On the DC I installed the optional feature "IIS Management" and downloaded and installed "IIS Manager for Remote Administration 1.2". Access to IIS on Exchange server works without problem. But if I do the same on the Windows 11 VM, I get an error message when trying to connect: An unexpected error occurred, connection was reset. I have tried the following without success: 1. use host name or FQDN of the mail server 2. use IP address of the mail server 3. use ports 80 and 443 (e.g. mailhost:443) 4. complete shutdown of all firewall profiles on both the Windows 11 client and the mail server The mail server's certificate is the original self-signed certificate that is created when Exchange/IIS is installed - I would expect to be asked about the trustworthiness of the certificate, but apparently the connection fails even before the SSL handshake. All four machines are domain members, name resolution and ping work fine. The Windows and IIS logs contain no clues. Several hours of web research have not yet yielded any results. Does anyone have an idea / a starting point? Many thanks in advance and best regards Stefano
How to prevent Malicious HTTP Redirections on an Exchange server
Hello All! I am attempting to assist a customer who is trying to pass PCI scans. By default, their IP addresses redirects any HTTPS (443) requests to the Exchange server's OWA. This is fine, except the scan states that the server does not pass a couple of vulnerabilities, one of them being "Redirection via Arbitrary Host Header Manipulation". As a solution, they recommended whitelisting domains, only allow permitted domains to be included in the Host header. I (for the life of me) cannot figure out how to get this to work on a server who's default website is the Exchange OWA. Every time I try to implement a rule in IIS (see: https://techcommunity.microsoft.com/t5/iis-support-blog/host-header-vulnerability/ba-p/1031958) that would redirect any requests that don't match the supplied string to the desired domain name, the page won't load and I get "ERR_TOO_MANY_REDIRECTS" presumably because of Exchange's automatic OWA redirection. Is there a way I can prevent malicious HTTP redirections without breaking OWA? To clarify: there are two domain names on our DNS that lead to the IP address of the Exchange server: mail.domain.com and vpn.otherdomain.com, obviously one is meant for mail and the other one is meant for vpn access over port 8443. The main domain (domain.com) leads to a completely different IP address that hosts their public website. I would like to change the IIS settings on the Exchange server so that mail.domain.com is the only domain allowed to be requested through an HTTP request.IIS Server Loads suspicious DLL
Hello, I am encountering an unusual behavior with the IIS Worker Process (w3wp.exe) and require assistance in understanding it. The process initiates with the following arguments: Application Pool: "TestApplicationAPI" CLR Version: "v4.0" Managed Pipeline Mode: Integrated Named Pipe: "\.\pipe\iisipmc[unique-id]" Configuration File: "C:\inetpub\temp\apppools\TestApplicationAPI\TestApplicationAPI.config" Other Parameters: Default settings Subsequently, a DLL is filelessly loaded into the process. The DLL has a name following the pattern "zx_[md5hash].dll", where [md5hash] represents a specific hash value. I have searched extensively but found no information regarding such fileless DLL loading in IIS, particularly with a name that seems to be dynamically generated. Can anyone provide insights into: The nature and purpose of this "zx_[md5hash].dll"? The implications of this behavior for the security and stability of the IIS environment? Any known issues or documentation related to this kind of scenario in IIS? Any help or guidance would be greatly appreciated. Thank you!How to add files from other directory to IIS-localhost
Hi IIS Community, Multiple HTML files reside at a different path, say `C:/some-name/documents/GitHub/Directory`, not in the `inetpub\wwwroot` directory. So how can I still use or render those files in localhost? I tried creating a virtual directory from the manager but failed to do the expected result. Every time I face "HTTP Error 500.19 - Internal Server Error" Please help me with the same. Cheers, Rishu Mehra
