Tag Archives: IIS

Manually Remove the W3 Total Cache WordPress plugin

Posted by on April 23, 2013 No comments

I installed the W3 Total Cache plugin last night and enabled about 1/2 of the features. Everything seemed fine initially so I left it alone. Today I went to write a post and noticed my site was down. Yikes! No idea how long it was down because no one bothered to tell me (thanks for nothing readers! :>).

Since the last thing I changed was adding the W3TC plugin, I decided to remove that. Since I couldn’t get the site to load, I had to figure out a way to do this manually. Thankfully I stumbled across this post:

http://www.tech-recipes.com/rx/36504/wordpress-manual-uninstall-of-w3-total-cache/

I followed the directions there (minus the .htaccess steps since I’m running on Windows/IIS versus Linux/Apache) then killed all the PHP and W3WP processes related to my site that were running. They kept popping up new ones so I stopped the app pool, then tried again and was able to kill them all. After that I restarted the app pool and hit the URL – all better! Yeah!

I think I’ll avoid that plugin now. :)

Using LogParser to Check Visitor IPs to a Certain Page

Posted by on April 11, 2013 8 comments

Today I noticed we were getting an increasing amount of spam on one of our form pages. I was curious to see if all of the user IP addresses were the same (in which case I’d just add them to the IIS7 IP Restrictions list). To quickly and easily figure this out I decided to use LogParser. Besides just querying for the page though, I wanted to add an additional condition to exclude rows that came from a certain internal IP address that we use for monitoring.

Here’s a generic version of the query I used:

LogParser.exe -q:on "SELECT * FROM x:\wwwlogs\W3SVC1\u_ex130411.log WHERE cs-uri-stem='/SomePage/' and c-ip<>'10.10.1.100' >c:\temp\PageVisitors.txt"

I wanted to see the full logged data for the request, but if I didn’t, I could have very easily just pulled the IP addresses using:

LogParser.exe -q:on "SELECT c-ip FROM x:\wwwlogs\W3SVC1\u_ex130411.log WHERE cs-uri-stem='/SomePage/' and c-ip<>'10.10.1.100' >c:\temp\PageVisitors.txt"

You can see that I’m piping the results to a text file (the “>c:\temp\PageVisitors.txt” part) so that I can easily deal with the results. You may also want to take note that I’m using the “-q:on” flag which runs the command in Quite Mode. If you don’t set this flag then LogParser will show results one page at a time. When piping to a text file rather than the command prompt window, you obviously can’t hit a key for “next page” so without this flag the query will actually hang forever if there is more than one page worth of results.

Happy hosting!

Installing Windows 2012 Server Core plus IIS8

Posted by on February 1, 2013 1 comment

Installing Windows 2012 Server Core plus IIS8 isn’t as hard as you might think. At least it isn’t as hard as I thought!

Server Core can be intimidating to long-time Windows users who expect to see the comfortable familiarity of the Windows desktop (though that has also changed with Server 2012). Rather than a Windows desktop you are presented with a command window and required to make changes through text commands. Hey, what is this – Linux?!? :)

You can relax though. There are actually ways to still manage your server via GUI through the use of various remote tools. That gives the benefit of the smaller footprint and attack surface on your server, but still the ease-of-management that users are use to.

Here’s a great recent post with a few quick steps on getting Windows 2012 Server Core installed (not many steps there – its super-easy) then the command lines needed to install IIS8 and enable it for remote access. Then the few steps required to get connected remotely to manage your server.

http://www.orcsweb.com/blog/jamie-furr/manage-and-install-iis8-on-windows-2012-server-core/

Check it out – it’s likely way easier than you expected!

Happy hosting!

Linking spam sent through shared IIS SMTP server to a user

Posted by on January 8, 2013 1 comment

Microsoft’s IIS SMTP service won’t log usernames even when SMTP-AUTH is enabled and clients are all authenticating. So, what happens if someone starts abusing the SMTP service (or you perhaps have a runaway process performing the abuse)?

Well, it takes a little effort but it is possible to track down the username being used to authenticate to the service. Here’s a post by Jeff Graves of OrcsWeb showing exactly how to track down this information: http://jeffgraves.me/2013/01/08/linking-spam-sent-through-shared-iis-smtp-server-to-a-user/

PUT/POST/DELETE Verb Errors On Site

Posted by on November 30, 2012 1 comment

A client was getting errors when using PUT/POST/DELETE verbs on their web application recently.

The errors he was seeing were:

<h2>405 - HTTP verb used to access this page is not allowed.</h2>
<h3>The page you are looking for cannot be displayed because an invalid method (HTTP verb) was used to attempt access

After some troubleshooting the error was isolated to the fact that WebDav was installed on the server and was intercepting those requests for its own service use.

Rather than removing WebDav from the server, we went looking for another solution. Thankfully someone on Twitter understood the issue and gave an example of changes to make to the client’s web.config file in order to disable (remove) the WebDav module for just that specific site without requiring any manual administrative actions on the server.

The code updates to make to your web.config file to resolve this error are:

<configuration>
  <system.webServer>
    <handlers>
      <remove name="WebDAV" />
      <remove name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" />
      <remove name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" />
      <remove name="ExtensionlessUrlHandler-Integrated-4.0" />
      <add name="ExtensionlessUrlHandler-ISAPI-4.0_32bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness32" responseBufferLimit="0" />
      <add name="ExtensionlessUrlHandler-ISAPI-4.0_64bit" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" modules="IsapiModule" scriptProcessor="%windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_isapi.dll" preCondition="classicMode,runtimeVersionv4.0,bitness64" responseBufferLimit="0" />
      <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="GET,HEAD,POST,DEBUG,PUT,DELETE,PATCH,OPTIONS" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0" />
    </handlers>
    <modules>
      <remove name="WebDAVModule" />
    </modules>
  </system.webServer>
</configuration>

I hope this help. Happy hosting!