How to block search engines from indexing all sites in a IIS instance

This can be useful on development sites where you have many IIS sites running but don’t want search engines to index them without creating robots.txt on every site.

To do this we’ll have to add a X-Robots-Tag HTTP Response header which is some search engines including Google as detailed here: http://googleblog.blogspot.com/2007/07/robots-exclusion-protocol-now-with-even.html

Here are the steps:

1. Open Internet Information Services (IIS) Manager
2. Click the server instance name from the left menu
3. Open HTTP Response Headers
4. Click Add… from the action menu
5. In the Name input, type: X-Robots-Tag and in the Value input, type: noindex

How to disable ciphers vulnerable to the BEAST vulnerability on Windows server/IIS

By default the SSL protocol encrypts data by using CBC mode with chained initialization vectors. This allows an attacker, which is has gotten access to an HTTPS session via man-in-the-middle (MITM) attacks or other means, to obtain plain text HTTP headers via a blockwise chosen-boundary attack (BCBA) in conjunction with Javascript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API. This vulnerability is more commonly referred to as Browser Exploit Against SSL/TLS or “BEAST”. Continue reading

How to migrate multiple sites from IIS 6 to IIS 7

This is a quick guide on how to migrate all sites from IIS 6 to IIS 7. You can probably use the same commands to move sites from one IIS 7 to another.

Everything will be migrated, including application pools, virtual directories, SSL certficiates etc.

1. Download and install Web Deployment Tool on both source and destination servers: http://www.iis.net/download/webdeploy Continue reading