POODLE Vulnerability and disabling SSLv3

15 Oct
Given the recently discovered POODLE vulnerability (http://googleonlinesecurity.blogspot.co.uk/2014/10/this-poodle-bites-exploiting-ssl-30.html) I thought it might be useful to outline the steps taken to disable SSLv3. You can use this website to check a public website to easily see if SSLv2 and SSLv3 are enabled: http://foundeo.com/products/iis-weak-ssl-ciphers/test.cfm? You...
Read more »

IIS 7 Reverse Proxy with the Application Request Routing module

15 Mar
I recently setup a new web server and wanted an easy way to point a public site to an internal server. Fortunately this is very easy in IIS, download both the URL Rewrite module and the Application Request Routing module: http://www.iis.net/download/URLRewrite http://www.iis.net/download/ApplicationRequestRouting Then, in the...
Read more »