Saturday, August 8, 2015

Converting Unix Text Files to Windows / DOS

I just hate it when I open a text file in notepad and find out its a Unix file with no \r\n to make it render correctly in the Windows/DOS world.  I found this really simple DOS command to solve the problem:

c:\> type unix-filename.txt | more /P > dos-filename.txt

Source:

http://stackoverflow.com/questions/17579553/windows-command-to-convert-unix-eol-to-windows-eol

Monday, July 27, 2015

IP Whitelisting a Specific .NET Web Service asmx file

For the longest time, I've been applying IP whitelisting to an entire website in IIS.  But lately, I've been wanting to just apply it to a specific asmx file in the site, while keeping the rest unrestricted.  After doing some research, it seems that this can be simply done in IIS 6.0 by right-clicking on the asmx file and choosing File Security.

But with Windows 2012 Server and its built-in IIS 8.5, it gets a little more complicated.  First, you have to install the IP Security feature from Server Manager if it is not yet installed:

http://www.iis.net/configreference/system.webserver/security/ipsecurity/add

From my experience with Softlayer, their bare metal installation somehow does not have this feature pre-installed.  But with my Cloud Server, all Web Server options were pre-installed.  From IIS Manager, go to Content View; right-click the asmx file you want to protect and select Switch to Features View.  Then open IP Address and Domain Restriction.

Visit this for more information:

http://stackoverflow.com/questions/1075618/limit-access-of-asmx-web-service-to-specific-ip-addresses

One can also specify the IP restriction by hand via web.config as shown here:

http://serverfault.com/questions/653672/how-to-ip-restrict-access-to-a-website-in-iis8-5-windows-2012r2

Saturday, April 11, 2015

HTTPException Request Timeout with ASP.NET 4.0

I'm still doing ongoing debugging of my recent migration from Windows Server 2003 to 2012.  I have an ASP.NET code that really takes a long time to process.  It works fine with 2003.  But when I migrated to 2012, ASP.NET 4.0 is returning an:

[HttpException (0x80004005): Request timed out.]

after about 2 mins into the process.  I'm following the advise here:

http://blogs.msdn.com/b/asiatech/archive/2012/06/21/how-to-troubleshoot-httpexception-request-timed-out-asp-net-4-0-64-bit.aspx

I added the ff. in my web.config to extend the timeout to 10 mins:

600"/>

Sunday, April 5, 2015

Resetting Turnkey Linux File Server Admin Password

I've been using Turnkey Linux file server for a few years and I think it is an excellent appliance software.  But my hard drive recently crashed and I had to reinstall.  I only got around now to try and create user accounts but couldn't remember what I set the login password as.  I tried all the usually suspects but none work.

After reading a few sites at Google, I finally found this tip that worked:

http://www.rgiapratama.net/2012/10/16/reset-extplorer-admin-password/

Basically, you can manually edit the .htusers.php file of extplorer and change the "admin" password with one that you manually generate using echo | md5sum.

Monday, March 30, 2015

Upgrading to Windows 2012 R2 64-bit Part 2 of 2

I was waiting forever for the certificate to be sent by Geotrust last night.  Turned out that it was sent to the admin email account.  Grrr...

Anyway, I approved the certificate via email link this morning and received it in another email.  So to continue with the process, the following steps were needed:

  1. Install the certificate to IIS 8 -- https://www.digicert.com/ssl-certificate-installation-microsoft-iis-8.htm
  2. Download the intermediate certificates from Geotrust/RapidSSL (provided in the email link)
  3. Install the intermediate certificates to Windows 2012 -- https://support.godaddy.com/help/article/4951/installing-an-ssl-certificate-in-microsoft-iis-8?countrysite=ph
  4. Do a quick SSL health check -- https://www.sslshopper.com/ssl-checker.html
And SSL is now running correctly.

Upgrading to Windows 2012 R2 64-bit Part 1 of 2

I migrated the secondary server from Windows 2003 Standard 32-bit to Windows 2012 R2 64-bit since Win2003 is not supported anymore and it cannot handle SHA-2 SSL.  While my previous attempt to do the same on the virtual server went through like a breeze, doing it on the bare metal server took way much longer than I expected.

  1. The OS Reload took 2 hours to complete.
  2. Upon login, it looks like Softlayer did not install IIS by default unlike with the virtual server.  I had to manually search for the instructions and found this -- http://www.iis.net/learn/install/installing-iis-85/installing-iis-85-on-windows-server-2012-r2.
  3. After loading the programs, got tons of IIS errors.  I did several tests and eventually came to the conclusion that the problem was .NET 4.5 was installed prior to installing IIS.  So it has to be reconfigured in order for IIS to recognize it.  In the old days, it was just a simple call of aspnet_regiis.exe.  But it looks like Win2012 does not support that anymore.  Instead, it uses something called dism.  This link solved it -- http://support.microsoft.com/en-us/kb/2736284.
  4. The above command also correctly installed the ASP.NET State Service.
  5. When the components look like they are working, I tried making test transactions.  I was getting some weird error message that I've never seen before.  After doing some Google research, and inserting lots of debug tracers, it turns out that Windows 2012 has IPv6 enabled by default.  So the Request.UserAddress was returning an IPv6 address instead of an IPv4 which, in turn, causes problem with the call to GeoIP.  The coding suggestion here worked -- http://www.4guysfromrolla.com/articles/071807-1.aspx.
  6. Then I installed the SMTP Server but could not log into it no matter what settings I was doing on the Firewall.  Then I remembered having this same problem a long time ago!  Its the McAfee Virus Scan that came with the bare metal server which was blocking SMTP access.  The virtual server does not come with McAfee so I did not have such problem.  Disabled spam checking at McAfee solved that.
  7. Now, I'm working on getting my SSL certificate re-issued under the newly loaded OS.  I followed this CSR generation instruction -- https://www.digicert.com/csr-creation-microsoft-iis-8.htm.  Now waiting for Geotrust to send me back my new certificate.
Sigh, the expected 2 to 3 hour maintenance is now running 6 hours and counting...

Saturday, March 14, 2015

Installing SMTP Service on Windows 2012

With Microsoft's impending end-of-life support for Windows 2003 and all the recent SSL attacks, it looks like moving to SHA-2, TLS1.x, etc. is inevitable.  I've previously  had an impossible time getting Dragonpay to work correctly on Windows 2008 R2 64-bit at Softlayer.  But this time around, when I had the OS reloaded for Windows 2012 64-bit, it was surprisingly smooth.  Granted that it took a little bit of getting used to the new interface, but it wasn't that much different from Windows 2008.

Figuring out where to find the SMTP service took a bit more of a challenge but I found this incredible and very detailed step-by-step guide that worked perfectly:

http://blog.hyperfive.com/2013/07/how-to-setup-internal-smtp-service-for.html