How to force IIS/ASP.NET to use assembly from the bin folder instead of GAC

If you have a assembly with the same version number located both in the bin folder for a web site and in the Global Assembly Cache (GAC), ASP.NET will by default use the GAC version of the file. Sometimes that’s not the ideal solution so here’s a workaround.

1. Open web.config in a text editor

2. Add this code to /configuration/runtime/assemblyBinding/dependentAssembly:

<assemblyIdentity name="Your.Assembly.Name" publicKeyToken="31bf3856ad364e35"/>
<codebase version="1.0.0.0" href="/bin/Your.Assembly.Name.dll" />

Continue reading

How to block search engines from indexing all sites in a IIS instance

This can be useful on development sites where you have many IIS sites running but don’t want search engines to index them without creating robots.txt on every site.

To do this we’ll have to add a X-Robots-Tag HTTP Response header which is some search engines including Google as detailed here: http://googleblog.blogspot.com/2007/07/robots-exclusion-protocol-now-with-even.html

Here are the steps:

1. Open Internet Information Services (IIS) Manager
2. Click the server instance name from the left menu
3. Open HTTP Response Headers
4. Click Add… from the action menu
5. In the Name input, type: X-Robots-Tag and in the Value input, type: noindex

How to disable ciphers vulnerable to the BEAST vulnerability on Windows server/IIS

By default the SSL protocol encrypts data by using CBC mode with chained initialization vectors. This allows an attacker, which is has gotten access to an HTTPS session via man-in-the-middle (MITM) attacks or other means, to obtain plain text HTTP headers via a blockwise chosen-boundary attack (BCBA) in conjunction with Javascript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API. This vulnerability is more commonly referred to as Browser Exploit Against SSL/TLS or “BEAST”. Continue reading

How to create pfx (PKCS12) file using openssl

If you have a certificate file and private key and need to move that to a Windows server you can easily create a pfx file that can be imported on the Windows server.

Here’s how:

openssl pkcs12 -export -in {cer_filename}.cer -inkey {key_filename}.key -out {pfx_filename}.pfx

You will be asked to provide a password. You’ll need to use this password when you import the certificate on the Windows server.

How to migrate multiple sites from IIS 6 to IIS 7

This is a quick guide on how to migrate all sites from IIS 6 to IIS 7. You can probably use the same commands to move sites from one IIS 7 to another.

Everything will be migrated, including application pools, virtual directories, SSL certficiates etc.

1. Download and install Web Deployment Tool on both source and destination servers: http://www.iis.net/download/webdeploy Continue reading