Archive for December, 2009

Plesk for Windows – PCI Compliance

This is somewhat of a work in progress. The only thing flagged by PCI compliance scans so far is the use of SSLv2. This can be disabled in Windows 2003 by adding the following registry entry in:

HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server

Create a new DWORD named Enabled with the default value.

Also disable weak ciphers:

HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders […]

Plesk for Linux – PCI Compliance

Courier Weak SSL Ciphers and SSLv2

The most common flaw uncovered by a PCI compliance scan is that a service is allowing SSL connections using weak SSL ciphers. Disable SSLv2 in Courier by adding the following line to both /etc/courier-imap/imapd-ssl and /etc/courier-imap/pop3d-ssl:

TLS_CIPHER_LIST="HIGH:MEDIUM:!SSLv2:!LOW:!EXP:!aNULL:@STRENGTH"

After restarting Courier, test with openssl to confirm SSLv2 has been disabled […]

Resync the IIS anonymous username and password on Plesk for Windows

If the domain is prompting for a login, and then gives “HTTP Error 401.1 – Unauthorized: Access is denied due to invalid credentials”, there might be an issue with the anonymous password that Plesk is holding. First thing to check is that all directory permissions are adequate and that anonymous directory access is ticked in […]

Zeus 301 redirect

Add the following to rewrite.script:

match URL into $ with (.*)
set SCRATCH:COND = %{IN:Host}
match SCRATCH:COND into % with ^domainname\.co\.uk
if not matched then goto RULE_0_END
set URL = http://www.domainname.co.uk$1
set RESPONSE = 301
set OUT:Location = %{URL}
set BODY = Please try <a href="%{URL}">here</a> instead\n
RULE_0_END:

mod_rewrite 301 redirect

To redirect the entire site, for example to enforce www., add the following to .htaccess:

Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTP_HOST} ^domain\.com$ [NC]
RewriteRule ^(.*)$ http://www.domain.com/$1 [R=301,L]

CDONTS vs CDOSYS for ASP Email

CDONTS was deprecated and replaced by CDOSYS in Windows 2003. You can still install and use CDONTS if you need it though. Just google for CDONTS and register the DLL.

CDONTS Example:

<%
Option Explicit
Dim objMail
Dim strSubject
Dim strBody
strSubject = "This is a test email in HTML format"