Windows Servers | Summa Lai

How to Install an SSL Certificate on IIS 10 Manually

Posted on November 27, 2023November 27, 2023 by Summa Lai

Purchased and downloaded your certificate from your certificate provider like Godaddy, Digicert, SSL.com etc.. Convert your .crt file to a .cer file Locate your downloaded .crt file, and double-click to open it. Select the Details tab, and then the Copy to File button. Select Next in the Certificate Wizard. Select Base-64 encoded X.509(.CER) and then select Next. Select Browse, locate where you want to save your .CER file, and type Read More

How to Redirect HTTP to HTTPS with Windows IIS 10

Posted on November 24, 2023November 24, 2023 by Summa Lai

To create redirection rules in IIS, you must download and install the URL Rewrite Module 2.1 IIS module (https://www.iis.net/downloads/microsoft/url-rewrite). Then open the Internet Information Services Manager console (InetMgr.exe) and select your site. Go to the SSL Settings section and make sure that the Require SSL option is not enabled. If not, this will cause a conflict with the Rewrite URL Read More

How to Enable SMB Signing?

Posted on November 20, 2023November 20, 2023 by Summa Lai

SMB signing (also known as security signatures) is a security mechanism in the SMB protocol. SMB signing means that every SMB message contains a signature that is generated by using the session key. The client puts a hash of the entire message into the signature field of the SMB header. SMB signing first appeared in Read More

How to Disable TLS 1.0 and TLS 1.1 via Group Policy

Posted on November 16, 2023November 16, 2023 by Summa Lai

How to Disable TLS 1.0 and TLS 1.1 via Group Policy Open regedit utility Open Group Policy Management (gpmc.msc) in a Domain Controller. 2. Creating a GPO in the Domain Controller Navigate to the OU where Policy is to be linked and right-click and select ‘Create a GP in this domain and Link it here’; In this Read More

How to Disable SSL V3 on Windows Servers

Posted on November 15, 2023November 15, 2023 by Summa Lai

The best way is to have this done by a free tool called “IIS Crypto” from the Nartac Software. You can download the tool from here. https://www.nartac.com/ Below, is a way to get this done manually. but it’s not recommended. SSLv3 is an obsolete protocol, the main attack vector on which, at the time of Read More

How to Fix Microsoft IIS Tilde Character Short File/Folder Name Disclosure

Posted on September 20, 2023September 20, 2023 by Summa Lai

Description Microsoft Internet Information Server (IIS) suffers from a vulnerability which allows the detection of short names of files and directories which have en equivalent in the 8.3 version of the file naming scheme. By crafting specific requests containing the tilde ‘~‘ character, an attacker could leverage this vulnerability to find files or directories that Read More