ichi.co.uk

Tag Results

4 posts tagged iis

IIS 7.x “404 - File or directory not found” for .iso image files

If you get the following message when trying to download an .iso disc image from IIS 7/7.5…

404 - File or directory not found.

The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.

You just need to add the MIMI type. To do this, open IIS Manager, select the server on the left, open MIME Types…

Then on the top right click Add > File name extension: .iso
MIME Type: application/octet-stream

The file should now download properly. 

Using ASP.Net Forms Authentication on Load Balanced Servers

We recently started using HAProxy to load balance between two application servers for both HTTP and HTTPS traffic. It was really easy to get working, has worked great so far and we’re really pleased with it. The only issue we had was with our login cookies, which are set via FormsAuth, as when logging in our visitors use HTTPS and might get a different server to the one they were ‘stuck’ to with HTTP which uses a cookie to ensure the same server. HAProxy can’t read a cookie from an SSL stream as the connection isn’t terminated at the proxy, it is still terminated at the web application server (you can end HTTPS connections at the proxy by installing a webserver on it as well though). For us this was an easy fix however. 

From the Microsoft article on FormsAuth:

If you deploy your application in a Web farm, you must ensure that the configuration files on each server share the same value for validationKey and decryptionKey, which are used for hashing and decryption respectively. This is required because you cannot guarantee which server will handle successive requests.

With manually generated key values, the <machineKey> settings should be similar to the following example.

<machineKey  
validationKey="21F090935F6E49C2C797F69BBAAD8402ABD2EE0B667A8B44EA7DD4374267A75D7
               AD972A119482D15A4127461DB1DC347C1A63AE5F1CCFAACFF1B72A7F0A281B"           
decryptionKey="ABAA84D7EC4BB56D75D217CECFFB9628809BDB8BF91CFCD64568A145BE59719F"
validation="SHA1"
decryption="AES"
/>

If you want to isolate your application from other applications on the same server, place the <machineKey> in the Web.config file for each application on each server in the farm. Ensure that you use separate key values for each application, but duplicate each application’s keys across all servers in the farm.

To generate a Machine Key, simply go to this handy webpage and generate a new key. You can then either add it just after the <system.webelement to your application’s local web.config or to the root web.config which will be in your .Net installation folder (something like C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config).

After you have done this on all your servers, you can check them all by going into IIS and selecting Machine Key where you can see if each server is using the correct keys.

However, after doing this it still wasn’t working for us. After a little digging about we realised we hadn’t installed any Windows Updates on the new server. I think it was specifically this one that was stopping it working, but after a full update and a reboot it all worked just fine.

Add a virtual directory to multiple sites in IIS 7.x using PowerShell.

Someone needed to add virtual directory to a few dozen sites in IIS, so I wrote them a little script to do it. To use it save the code below as something like ‘CreateVirDirs.ps1’, open a Powershell prompt with administrator rights, cd to the directory you saved it in and then execute it with .\CreateVirDirs.ps1

Import-Module WebAdministration

$sites = Get-Childitem 'IIS:\Sites'
$name = "NewVirtualDirectory"
$vdPath = "D:\Temp"

foreach ($site in $sites) {
    $path = 'IIS:\Sites\' + $site.Name + '\' + $name
    New-Item $path -type VirtualDirectory -physicalPath $vdPath
    Write-Output $path
}

You should get output like:

PS D:\> .\CreateVirDirs.ps1

Name                                                        PhysicalPath
----                                                        ------------
NewVirtualDirectory                                         D:\Temp
IIS:\Sites\Default Web Site\NewVirtualDirectory
NewVirtualDirectory                                         D:\Temp
IIS:\Sites\www.ichi.co.uk\NewVirtualDirectory
NewVirtualDirectory                                         D:\Temp
IIS:\Sites\Some Other Site\NewVirtualDirectory

That will add the virtual directory to every site in IIS, but you can limit it quite easily which is explained here. If you get an error due to not having the WebAdministration module, this might be of some use. Hope that helps!

MJ12bot and blocking web crawlers with IIS 7

Our web servers were recently getting hit pretty hard by web crawler bots that simply ignore your Robots.txt file. We were getting hit especially hard by a bot called MJ12bot, which is supposed to be for a distributed search engine which they say lives in an alpha state at search.majestic12.co.uk (at the time of writing that is down). It seems they get people to run their SETI@Home like software that uses your power, CPU and bandwidth to help them build what they say is a distributed search engine. What they definitely are doing with the data at present is running a SEO business, that tells you how many back-links you have, etc. via what seems to be the huge index that they have built via people donating their computing resources. 

We use Windows 2008 R2, so the solution for us was to block these crawlers via their user agent (easily done with Apache as well). To do so, open your site in IIS 7 and select the URL Rewrite module (you may have to add this via the Add/Remove Windows Features tool). Select Add Rule (in the top right) and then select ‘Blank rule’. Set you’re new rule up like the image below shows…

And add a condition like the one below…

Our regex string is “MJ12bot|soso|baidu|youdao|NaverBot|Yeti|ichiro|moget|sogou|Speedy”, however you may want to include Yandex in that as well. I’ve just removed them as they emailed us asking us to allow them to index our site and said that they obey Robots.txt rules, such as crawl-rate and disallow. 

***UPDATE***

Steve from Majestic12 has posted a detailed response regarding MJ12bot below