Install and configure your SSL Certificate on Windows Server 2012 with IIS

Windows-Server

Have you created a Certificate Signing Request (CSR)? If no then you need to create it and order your certificate.
Below are the steps to create CSR request –

  • Open the Internet Information Services (IIS) Manager by pressing the command Win+R > “inetmgr” > Enter.
  • Double-click the Server Certificates icon on the Home page.

csr_iis8_1

  • Click on the Create Certificate Request from Actions menu on the right which will open the Request Certificate.

csr_iis8_2

  • In the Distinguished Name Properties window enter the below information –

csr_iis8_3

  1. Common Name – It is the name through which certificate will be accessible. It is usually the completely-qualified domain name. e.g. www.domain.com or mail.domain.com.
  2. Organization – The legally registered name of your company/organization.
  3. Organizational Unit – The department name within the company (this entry will be listed as “Web Security”, “IT” or can be simply left blank.)
  4. City/Locality – The place where your organization is located.
  5. State/Province – The state in which your organization is settled.
  6. Country/Region – The country where your company is located.
  • Click Next.
  • Enter the below information in Cryptographic Service Provider Properties and click Next
  1. Cryptographic Service Provider – Select Microsoft RSA Channel from the drop-down list or if you have a specific cryptographic provider select the name from the list.
  2. Bit Length – Select 2048 (or higher) in the drop-down list.

csr_iis8_4

  • In the File Name window, you will need to specify the name of the file to which a newly generated CSR code will be saved and a place where the file would be stored. You can type in the path to the field or use “…” button to browse the file system.
  • csr_iis8_5

  • After specifying the file name and location, click the Finish button.
  • It’s easy to locate the CSR file on the computer, open it with a text editor and use the CSR for SSL certificate activation.

Steps to install SSL Certificate on Windows Server 2012 from IIS

  • Open the ZIP file that contains your certificate and save the file named cer to the web server’s desktop which you are securing.
  • Start the Internet Information Services (IIS) Manager.
  • Double-click the Server Certificates icon from the Home.
  • install_iis8_1

  • Hover the mouse to Actions panel on the right-side and click on Complete Certificate Request which will open the Complete Certificate Request.
  • The screen will display Specify Certificate Authority Response which contains 3 fields.
  1. File name containing the certification authority’s response – browse through the file system to the certificate file which you have received from the certificate authority.
  2. Friendly name – It helps the server administrator to easily find a particular certificate You can provide the domain name of the certificate in this field.
  3. Select a certificate store for the new certificate – Select Personal from the drop-down list.

install_iis8_3

  • Click OK button once all the fields are set properly.
  • The certificate is uploaded to the server and should appear in the storage now.

Steps to configure your SSL certificate on Windows Server 2012 R2 – IIS

  • Once the successful installation of SSL certificate is done on your server, you will require assigning it to the appropriate website by using IIS.
  • Hover the mouse to the Connections panel on the left side of Internet Information Services (IIS) Manager and select the website from the Sites subfolder.
  • install_iis8_5

  • Navigate to the Actions menu and click on Bindings on the right side to open the Site Bindings.
  • install_iis8_6

  • Now click Add to open AddSiteBinding window in the Site Bindings and modify the below fields here –

install_iis8_7

  1. Type – Choose https from the drop-down menu.
  2. IP address – Select the IP address or if same IP is going to be used for multiple SSL’s on different sites then SNI has to be enabled as well.
  3. Port – Specify the port number for a secure connection. The default post number is443.
  4. SSL Certificate – Select the certificate that was installed needs to be specified.

install_iis8_8

  • Now click OK.

Your SSL certificate is now installed and the website is configured to permit secure connections. Once SSL installed on Domain, Please check domain on below link for verification -https://www.sslshopper.com/ssl-checker.html

read more

Posted in Web Hosting | Tagged , | Comments Off on Install and configure your SSL Certificate on Windows Server 2012 with IIS

Which SSL Certificate is good for your website?

SSL Certificate

SSL Certificates are necessary for those sites where a user is supposed to submit highly private and confidential information. It augments the website’s security and prevents imposters from doing fraud under your website’s name.

These certificates are of different types. Some organizations need SSL certificate for encryption only, while others need to exhibit their integrity and want to build a stable and reliable relationship with customers. So which SSL certificate will be best for your website? Here are the three different types of SSL Certificates which can help you determine the right choice for your website.

read more

Posted in Web Hosting | Tagged , , , , | Comments Off on Which SSL Certificate is good for your website?

How to Resolve MySQL High Memory Usage?

MySQL memory usage

What is MySQL?

MySQL is the most popular database used in web applications. It’s free, easy to administer and is supported by all hosting providers. There’s a common issue that MySQL servers face and that is high server load due to high memory issue.

Why does MySQL consume high memory?

  1. Application software like Python, PHP, JAVA threads utilize more memory when configured improperly or un-optimized queries, complex coding, etc.
  2. Due to improper configuration of MySQL, it leads to inefficient memory or wastage of memory.
  3. If the memory is lower than, required by the processes on the server.

Resolutions to fix MySQL high memory usage –

  1. Optimization of MySQL settings –

MySQL uses memory in two ways:

  • One is the memory permanently reserved for its use –

Known as Global Buffers category, it is obtained from the operating system during server boot-up and isn’t released to another process.

read more

Posted in Web Hosting | Tagged , | Comments Off on How to Resolve MySQL High Memory Usage?

The benefits of using a dedicated IP address

Benefits-of-using-a-Dedicated-IP-addressA common issue when hosting a website on a shared server is: do you need to use a dedicated IP address? Why not just stick with the shared IP address? A dedicated one offers many advantages, but let’s look at the definitions first.

IP — Internet Protocol — is a unique address given to each computer connected to a network. It’s used to identify a location of a specific machine or a website. In our case, your website.

A shared IP address is a single address shared by multiple websites on a single web server. A dedicated IP address is used by just one website, which can then be accessed either by its domain name or directly by its IP address.

read more

Posted in Web Hosting | Tagged , , | Comments Off on The benefits of using a dedicated IP address

Why and How to Disable Mod_Security?

why-and-how-disable-mod-securityAn apache module that helps to secure your website from several attacks is called Mod_security. Commonly known exploits are blocked with mod_security by using regular expressions and rule sets. It helps in strengthening the security of your servers by potentially blocking common code injection attacks.

No doubt mod-security can be useful when properly configured but many hosting providers don’t do this job correctly leading to problems. The commonly faced problems include triggering of security protocols on standard actions which should be allowed, 403 or 404 errors, access denied error, login issues, unable to modify categories and boards or similar problems.

read more

Posted in Web Hosting | Tagged , , , | Comments Off on Why and How to Disable Mod_Security?

My Website is not working

Site Optimization

If you have a website, whether for business or leisure, you may have found certain days where your website just doesn’t load. There could be an array of reasons for this which includes elements such as:

The website domain name could be expired

Many people think your domain name needs a registration and thereafter, all is good. However, your domain needs to be renewed on an annual basis. If you cannot access your website, visit the website called who.is and punch in your domain name. This will generate a status update to let you know if your domain name needs to be renewed and if it does, contact your domain registrar. Should this be the issue, simply pay the outstanding amount and your registrar will reactivate your domain and your website will be back up and running.

read more

Posted in Dedicated Website Hosting | Tagged , , | Comments Off on My Website is not working

GLIBC GHOST – How to deal with it?

Glibc ghost

A critical vulnerability in the glibc library has been announced by Red Hat Product Security, assigned as CVE-2015-0235 and is commonly called as ‘GHOST’.

What is GHOST? 

A buffer-overflow bug, GHOST affects the gethostbyname() and gethostbyname2() function calls in the glibc library. A remote attacker can make an application call to either of these functions to execute arbitrary code with the permissions of the user running the application.

Impact of GHOST

The gethostbyname() function call is used for resolving DNS which is a very common event. This vulnerability can be exploited by an attacker by triggering a buffer overflow by offering an invalid hostname argument to an application that performs a DNS resolution.

read more

Posted in Web Hosting | Tagged , | Comments Off on GLIBC GHOST – How to deal with it?

CSF is Blocking Your IP? Here’s What You Can Do?

CSF blocking IP

Generally, considered to be an advanced firewall, CSF blocks external IPs (Inbound Connections) to avoid Brute force attack or attack similar to that (Multiple login failures, hacking attempts, etc.) on a server. The firewall might block the connection while uploading files using Filezilla.  It might be possible that Filezilla is trying to open multiple simultaneous connections to speed up the transfer. The firewall may interpret it as brute force or port scan activity and block the IP address from where the connection is originating.

read more

Posted in Web Hosting | Tagged , | Comments Off on CSF is Blocking Your IP? Here’s What You Can Do?

HTTP Status and Error Codes

HTTP Status and Error Codes

HTTP status and error codes are responses that are given by the website servers. The status codes are informational codes while HTTP error codes show an error.

The purpose of these codes is to communicate the cause of the issue so that it can be resolved. You must have seen most of these codes on the internet while browsing like HTTP 404, HTTP 500 and others.

Every HTTP status and error code has two parts:

  1. The code (such as HTTP 404)
  2. The reason phrase (such as Not found)

The phrases are simple phrases that explain the code and are helpful in making sense of the code. For instance, an HTTP 404 error code doesn’t make much sense but HTTP 404 Page Not Found makes sense that the page on the website is not found.

read more

Posted in Dedicated Website Hosting | Tagged , | Comments Off on HTTP Status and Error Codes

Linux Server Security: SELinux or Systemd?

bodHOST Linux Server Security

The security of a Linux server is being always a sensitive issue. Here is what Greg Kroah-Hartman thinks about SELinux (he is one of project developers of systemd).

The recent convention of CoreOS Fest Berlin (9 and 10 May 2016) was particularly rich in action and followed by several specialized portals. During the event, Greg Kroah-Hartman had given some interesting statements on ‘the Linux kernel development process and the security of the operating system’.

The important issue was also touched by Lennart Poettering (currently employed by Red Hat and known for Avahi, PulseAudio, and systemd), he is one of the developers of the project systemd init (process during startup is called into question by the kernel to initialize the user space), which he explained with essential parameters that act on the safety of a Linux server.

read more

Posted in Web Hosting | Tagged , , | Comments Off on Linux Server Security: SELinux or Systemd?