Tag Archives: IIS

How to Set File Permissions for ASP.NET Website on Windows

Problem:

  • You have ASP.NET website on Windows.
  • Your website application pool name is mysite.com.
  • Your website physical location is D:\inetpub\wwwroot\mysite.com.
  • Your website physical data location is D:\mysite_data.
  • Your website users cannot upload or modify website files.
  • Your website users cannot upload or modify website data files.

Solution:

1. Open cmd.exe as Administrator and execute the command below.

icacls "D:\inetpub\wwwroot\mysite.com" /grant "IIS AppPool\mysite.com":(OI)(CI)F /T
icacls "D:\mysite_data" /grant "IIS AppPool\mysite.com":(OI)(CI)F /T

This command give full permissions against D:\inetpub\wwwroot\mysite.com  and all sub-directories and files, and against D:\mysite_data  and all sub-directories and files to mysite.com user.

2. Alternatively you can execute the command below.

icacls "D:\inetpub\wwwroot\mysite.com" /grant IIS_IUSRS:F /t
icacls "D:\mysite_data" /grant IIS_IUSRS:F /t

This command give full permissions against D:\inetpub\wwwroot\mysite.com  and all sub-directories and files, and against D:\mysite_data  and all sub-directories and files to IIS_IUSRS group.

mysite.com user is part of the IIS_IUSRS group.

 

How to Back Up and Restore IIS App Pool and Site Settings

Motivation:

You want to back up and restore IIS app pool and site settings.

Solution:

1. Open Command Prompt (Admin) and execute commands below to export IIS app pool and site settings to XML files.

%windir%\system32\inetsrv\appcmd list apppool /config /xml > \\192.168.101.140\BCDR\WEBBC02\E\inetpub\apppools.xml
%windir%\system32\inetsrv\appcmd list site /config /xml > \\192.168.101.140\BCDR\WEBBC02\E\inetpub\sites.xml

2. Remove all existing IIS app pools and sites, then execute the command below to import IIS app pool and site settings from XML files.

%windir%\system32\inetsrv\appcmd list apppool /config /xml < \\192.168.101.140\BCDR\WEBBC02\E\inetpub\apppools.xml
%windir%\system32\inetsrv\appcmd list site /config /xml < \\192.168.101.140\BCDR\WEBBC02\E\inetpub\sites.xml

How to Manually Install PHP 7.4 on Windows Server 2019

Motivation:

  • You want to deploy a PHP application or WordPress on Windows Server 2019.
  • You want to update PHP to any version to address compatibility or security issues in Windows.
  • You want to understand how PHP works with IIS.

Solution:

  • Install CGI for IIS on Turn Windows features on or off > Internet Information Services > World Wide Web Services > Application Development Features > CGI.
  • Download VC15 x86 Non Thread Safe package here or under PHP 7.4 section from http://windows.php.net/download/
  • Extract the ZIP file to the C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86 folder.
  • Rename the php-.ini-development file to php.ini.
  • Open the php.ini file and add the following line at the end of the file.
    extension=php_wincache.dll
  • Uncomment the following lines
    fastcgi.impersonate = 1;
    
    cgi.fix_pathinfo=1;
    cgi.force_redirect = 1 (and change the value to 0, i.e. cgi.force_redirect = 0)
    
    extension_dir = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\ext"
    
    extension=php_curl.dll
    extension=php_fileinfo.dll
    extension=php_mbstring.dll
    extension=php_exif.dll
    extension=php_mysqli.dll
    extension=php_pdo_mysql.dll
    extension=php_openssl.dll
    
    error_log = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\php_errors.log"
    
    error_log = syslog
  • A sample php.ini file can be download here.
  • Add C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86 to System Path.
  • Download x86 package of WinCache 2.0 for PHP 7.4 here or from https://sourceforge.net/projects/wincache/.
  • Extract and copy the php_wincache.dll file to C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\ext
    folder.
  • Open IIS, click on Server name, double click on Handler Mappings, click on Add Module Mapping, and enter below information.
    Request path = *.php
    
    Module = FastCgiModule
    
    Executable = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\php-cgi.exe"
    
    Name = PHP 7.4
    
    Request Restrictions = File or folder
  • Download and install VC_redist.x86.exe of Microsoft Visual C++ Redistributable for Visual Studio 2019 here or on https://visualstudio.microsoft.com/downloads/#microsoft-visual-c-redistributable-for-visual-studio-2019
  • en a Command Prompt, execute below command and ensure that NO WARNINGS APPEAR.
    php --version
  • Create phpinfo.php file with below content in the root website folder.
    <?php phpinfo(); ?>
  • Open http://localhost/phpinfo.php URL and verify PHP information.

 

How to Set File Permissions for WordPress on Windows IIS

Motivation:

  • You have a WordPress instance on Windows IIS.
  • You upload a file. Its thumbnail is not shown in Media Library.
  • You change the file permission. Its thumbnail now is shown correctly in Media Library.
  • You upload another file and have to change the file permission manually again.
  • How can we make WordPress automatically set the correct permission for new uploaded files?

Procedure:

  1. Ensure that the the Identity of Application pool that the website is running under is ApplicationPoolIdentity.
  2. Execute below commands as Administrator
icacls "C:\inetpub\wwwroot\domain.com" /grant "IUSR":(OI)(CI)F /T 
icacls "C:\inetpub\wwwroot\domain.com" /grant "IIS_IUSRS":(OI)(CI)F /T

3. Set up IIS.

  • Open IIS Manager.
  • Click on your website.
  • Click Authentication.
  • Click Anonymous Authentication (which should be the only one enabled).
  • Click Edit.
  • Select Application pool identity if it is not selected.
  • Click OK.

 

 

How to Manually Install PHP 8.1 on Windows 10

Motivation:

  • You want to understand how PHP works with IIS.
  • You want to prepare a PHP or WordPress development environment on Windows.
  • You want to update PHP to any version to address compatibility or security issues on Windows.

Solution:

  • Install CGI for IIS on Turn Windows features on or off > Internet Information Services > World Wide Web Services > Application Development Features > CGI.
  • Download VS16 x64 Non Thread Safe package under PHP 8.1 section on https://windows.php.net/download/.
  • Extract the ZIP file to C:\Program Files\php-8.1.10-nts-Win32-vs16-x64 folder.
  • Download the cacert.pem file and move it to the C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\extras\ssl folder.
  • Copy the php-.ini-development file to php.ini.
  • Open the php.ini file and uncomment the following lines
    fastcgi.impersonate = 1;
    
    cgi.fix_pathinfo=1;
    cgi.force_redirect = 1 (and change the value to 0, i.e. cgi.force_redirect = 0)
    
    extension_dir = "C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\ext"
    
    extension=curl
    extension=fileinfo
    extension=gd
    extension=gettext
    extension=mbstring
    extension=exif ; Must be after mbstring as it depends on it
    extension=mysqli
    extension=openssl
    extension=pdo_mysql
    
    error_log = "C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\php_errors.log"
    
    error_log = syslog
    
    curl.cainfo = "C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\extras\ssl\cacert.pem"
    
    openssl.capath="C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\extras\ssl\cacert.pem"
  • Add C:\Program Files\php-8.1.10-nts-Win32-vs16-x64 to SYSTEM PATH.
  • Restart your machine.
  • Open cmd and execute the command below to ensure that the PHP file can be found in the SYSTEM PATH.
    php --version
  • Open IIS, click on Server name, double click on Handler Mappings > Add Module Mapping with below information.
    Request path = *.php
    
    Module = FastCgiModule
    
    Executable = "C:\Program Files\php-8.1.10-nts-Win32-vs16-x64\php-cgi.exe"
    
    Name = PHP 8.1
    
    Request Restrictions = File or folder
  • Create phpinfo.php file with below content in the root website folder.
    <?php phpinfo(); ?>

 

 

How to Use Let’s Encrypt

Motivation:

Why use an SSL/TLS certificate to secure your website?

– To protect your website users from man-in-the-middle attacks.

– To ensure the integrity of the data being sent to your website.

Why use Let’s Encrypt SSL/TLS certificate?

– Because it is FREE.

Tested environment:

  1. Windows Server 2016/IIS 10
  2. win-acme.v2.2.9.1701.x64.pluggable
  3. Ubuntu 18.04
  4. certbot 0.27.0

On Windows and IIS:

  1. If you are using a cloud provider then ensure that HTTP and HTTPS service are enabled on cloud firewall.
  2. Log in a Windows server.
  3. Download
  4. win-acme.v2.2.9.1701.x64.pluggable.zip
  5. on https://github.com/win-acme/win-acme/releases.
  6. Unzip the files to C:\inetpub\win-acme.v2.2.9.1701.x64.pluggable
  7. Open Command Prompt (Admin) and execute below commands.
    cd C:\inetpub\win-acme.v2.2.9.1701.x64.pluggable
  8. Type wacs.exe and press Enter
  9. Follow the instructions.
  10. Open Task Scheduler and ensure that a task with description “Check for renewal of ACME certificates.” has been created.
  11. Open Firewall port 443 if needed.
  12. Open the selected website using HTTPS protocol.
  13. Update emails to which notifications will be sent: Open wacs.exe, type O, then A, then y, and enter an email.
  14. Remove website from automatic renewal:
    wacs.exe --list // Copy the exact name between ": " and " - renewed" without quotes. // Example: [IISBinding] huybien.com 
    wacs.exe --cancel --friendlyname "[IISBinding] huybien.com"

Upgrading win-acme

  1. Go to the old version folder, type wacs, press a, press c to cancel renewal.
  2. Download and extract new version.
  3. Go to the new version folder, type wacs, press N to create new certificates, and select option to replace the existing scheduled task.
  4. Delete the old version folder.

Redirecting HTTP to HTTPS in IIS7

  1. Install the Microsoft URL Rewrite Module if needed.
  2. Make sure Require SSL is NOT checked under SSL Settings for your website.
  3. Copy and paste the following code between the <rules> and </rules> tags in your web.config file in your website root directory.
    <rule name="HTTP to HTTPS redirect" stopProcessing="true">
       <match url="(.*)" />
          <conditions>
             <add input="{HTTPS}" pattern="off" ignoreCase="true" />
          </conditions>
       <action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" />
    </rule>
  4. Open your site using HTTP protocol and ensure that you are redirected to the HTTPS site.

Multiple SSL Certificates per IP Address

  1. You have to use Server 2012 IIS to support Server Name Indication (SNI) which allows you to bind multiple SSL certificates to a single IP Address.
  2. Please repeat the Procedure for each site, then go to the IIS site, Bindings and ensure that the check box Require Server Name Indication is selected and the corresponding SSL Certificate is selected.
  3. Please be noted that SNI does not work with Windows XP clients.

On Ubuntu and nginx

  1. Login as root via SSH to a Ubuntu server.
  2. Execute 3 commands below.
sudo apt install python-certbot-nginx
sudo certbot --nginx -d huybien.com -d www.huybien.com -d example.com -d www.example.com 
sudo certbot renew --dry-run

3. Remove a certificate:

sudo certbot delete

4. Update emails to which notifications will be sent:

sudo certbot register --update-registration --email [email protected]

5. Review Let’s Encrypt’s log file:

sudo nano /var/log/letsencrypt/letsencrypt.log
# Press Ctrl+W, then enter a string to be found.
# Press Alt+W to find a next match.

 

 

 

Topic 8 – Introduction to Web Application Development

Why do I need to learn about web application development?

Desktop applications are very powerful and convenient but their development, deployment and maintenance are daunting.

The reason is that the platform dependency makes it very expensive to create a desktop application working on different versions of different operating systems, such as Windows, Linux and Mac OSX.

Deployment and updates of desktop application typically require high privileges access to a computer machine, causing a problem for companies requiring high security.

Fortunately, you can overcome these limitations by creating a web application running on a browser. To create a web application you need to learn about web application development.

What can I do after finishing learning web application development?

You will be able to create web applications like The BBC News, The WordPress Blog or The White House Website.

This is exactly what I want to learn! What should I do now?

Web application development requires a lot of reading. You have to master networking concepts, HTML, CSS, JavaScript, a programming language and a database management system for web. Please read
– this Semmy Purewal (2014). Learning Web App Development. O’Reilly Media book, and
– this Jon Duckett (2011). HTML & CSS – Design and Build Websites. John Wiley & Sons book first to get familiar with web application development.

After that please read
– this Stephen Greig (2013). CSS3 – Pushing the Limits. John Wiley & Sons book and
– this Anne Boehm and Zak Ruvalcaba (2018). Murach’s HTML5 and CSS3. Mike Murach and Associates book to learn in-depth about HTML and CSS.

JavaScript is the language for web development because it is implemented in most of the web browsers.
Please read
– this David Flanagan (2020). JavaScript: The Definitive Guide. O’Reilly Media book, and
– this Kyle Simpson (2015). You Don’t Know JS. O’Reilly Media book, and
– this Jon Duckett (2014). JavaScript and JQuery. Interactive Front-End Web Development. John Wiley & Sons book to master it.
Strong knowledge of JavaScript will ease your web development learning very much.

Single page application is the default front-end choice for most of new web development projects.
Please read
– this Kirupa Chinnathambi (2018). Learning React. Addison-Wesley Professional book, and
– this Alex Banks and Eve Porcello (2020). Learning React Modern Patterns for Developing React Apps. O’Reilly book to learn how to create a single page application (SPA).

After that you will have 4 main options. You can choose one of them. We STRONGLY recommend that you choose only ONE option.

You should NOT learn all of them at the beginning. You could save your time by digging into only one option. After mastering the selected technology, you will realize that all of them are very similar in the sense of use.

One note is that although their concepts are similar to one another but it still takes us much time to learn how to apply an approach to real world web application.

When developing a real world web application, you often use only one or two of these 4 approaches. If you cannot make your own selection then we recommend you
– a combination of the first and second option, or
– a combination of the first and third option, or
– a combination of the first and fourth option.

The first option is PHP world.  Please read
– this Luke Welling and Laura Thomson (2016). PHP and MySQL Web Development. Addison-Wesley Professional book or
– this Robin Nixon (2021). Learning PHP, MySQL & JavaScript. O’Reilly book.
After that depending on your projects you may need to read the books below
Brad Williams et al. (2015). Professional WordPress: Design and Development. Wrox.

The second option is ASP.NET.
Please read
– this Adam Freeman (2020). Pro ASP.NET Core 3: Develop Cloud-Ready Web Applications Using MVC, Blazor, and Razor Pages. Apress book and
– this Andrew Lock (2021). ASP.NET Core in Action. Manning book.

A complementary part for this option is ASP.NET Web Forms that is a technology that you need to master if you are maintaining a legacy project.
Please read this Imar Spaanjaars (2014). Beginning ASP.NET 4.5.1 in C# and VB. Wrox book to learn about ASP.NET Web Forms.

The third option is Java world.
If you are not familiar with Java language then please read
– this Cay S. Horstmann (2019). Core Java. Volume I – Fundamentals. Pearson book, and
– this Cay S. Horstmann (2019). Core Java. Volume II – Advanced Features. Pearson book first.

Then please read
– this Tim Downey (2021). Guide to Web Development with Java – Understanding Website Creation. Springer book or
– this Nicholas S. Williams (2014). Professional Java for Web Applications. John Wiley & Sons book.

After that please read this Mark Heckler (2021). Spring Boot – Up and Running – Building Cloud Native Java and Kotlin Applications. O’Reilly Media book.

The 4th option is Node.js world.
Please read
– this Jonathan Wexler (2019). Get Programming with Node.js. Manning Publications book, and
– this Bruno Joseph D’mello et al. (2017). Web Development with MongoDB and Node. Packt Publishing book.

There are also several other options that you may consider if you are required to learn them for a maintenance project.
These options include
Ruby on Rails, please read this Michael Hartl (2020). The Ruby on Rails Tutorial. Addison-Wesley Professional book,
Flask, please read this Miguel Grinberg (2018). Flask Web Development: Developing Web Applications with Python. O’Reilly Media book, and
Django
.

If you need to convert a web application from one platform to another or create a web application framework then please read
– this Leon Shklar and Richard Rosen (2009). Web Application Architecture. John Wiley & Sons book, and
– this Leonard Richardson and Mike Amundsen (2013). RESTful Web APIs. O’Reilly Media book.

Terminology Review:

  • Networking
  • HTTP
  • HTML
  • Cascading Style Sheets (CSS)
  • CGI
  • Web Applications
  • Multiple Page Application
  • Single-Page Application (SPA)
  • RESTful APIs
  • gRPC APIs
  • GraphQL APIs
  • XML
  • SOAP APIs
  • Web Application Frameworks
  • Portal Frameworks
  • Content Management System (CMS)
  • Payment Gateways

After finishing learning about web application development please click Topic 9 – Introduction to Mobile Application Development to continue.