The Password complexity is a Local Policy setting named “Passwords must meet complexity requirements” under Computer Configuration/Windows Settings/Security Settings/Account Policies/Password Policy. In a Server Core installation, there is no graphical user interface to set this policy.Instead, use secedit to import and export the security settings from a Full Installation of Windows Server 2008 and later Read More
Category: Windows Servers
How to Install an SSL Certificate on IIS 10 Manually
Purchased and downloaded your certificate from your certificate provider like Godaddy, Digicert, SSL.com etc.. Convert your .crt file to a .cer file Locate your downloaded .crt file, and double-click to open it. Select the Details tab, and then the Copy to File button. Select Next in the Certificate Wizard. Select Base-64 encoded X.509(.CER) and then select Next. Select Browse, locate where you want to save your .CER file, and type Read More
How to Redirect HTTP to HTTPS with Windows IIS 10
To create redirection rules in IIS, you must download and install the URL Rewrite Module 2.1 IIS module (https://www.iis.net/downloads/microsoft/url-rewrite). Then open the Internet Information Services Manager console (InetMgr.exe) and select your site. Go to the SSL Settings section and make sure that the Require SSL option is not enabled. If not, this will cause a conflict with the Rewrite URL Read More
How to Enable SMB Signing?
SMB signing (also known as security signatures) is a security mechanism in the SMB protocol. SMB signing means that every SMB message contains a signature that is generated by using the session key. The client puts a hash of the entire message into the signature field of the SMB header. SMB signing first appeared in Read More
How to Disable TLS 1.0 and TLS 1.1 via Group Policy
How to Disable TLS 1.0 and TLS 1.1 via Group Policy Open regedit utility Open Group Policy Management (gpmc.msc) in a Domain Controller. 2. Creating a GPO in the Domain Controller Navigate to the OU where Policy is to be linked and right-click and select ‘Create a GP in this domain and Link it here’; In this Read More
How to Disable SSL V3 on Windows Servers
The best way is to have this done by a free tool called “IIS Crypto” from the Nartac Software. You can download the tool from here. https://www.nartac.com/ Below, is a way to get this done manually. but it’s not recommended. SSLv3 is an obsolete protocol, the main attack vector on which, at the time of Read More