I was recently in need of the ability to harden an IIS server to remove things like the IIS and ASP.NET identifiers as well as enforce HTTPS, when I came across a great Powershell (go Powershell!) script that automates the whole process. You can download the script from https://github.com/drewhjelm/iis-hardening/blob/master/configure%20IIS%20security.ps1
*Test in a non-production environment first!*
There is only one prerequisite to deploy to IIS servers and that is URL Rewrite 2.0. After deploying URL Rewrite, run the Powershell Script (reboot will be required) and it will set the following settings:
- Remove IIS and ASP.NET identification
- Enforce HSTS (HTTP Strict Transport Security)
- Enforce HTTPS (redirects all requests from HTTP to HTTPS)
- Prevent framejacking
- Disables insecure / weak ciphers
- Configures SSL / TLS to meet PCI best practices
Another useful tool is Nartac Software IISCrypto. This tool focuses on crypto management of IIS in an easy to use interface as opposed to making all changes in the registry.
Microsoft has published a new roadmap website for business and enterprise customers detailing features coming to Windows 10. This roadmap not only shows features coming to PCs, but to HoloLens, IoT, Surface Hub, Windows 10 Mobile, and industry devices like kiosks, ATMs, POS devices.
Check it out at https://www.microsoft.com/en-us/WindowsForBusiness/windows-roadmap
I’d also encourage taking a look at the Microsoft Edge Platform Status at https://developer.microsoft.com/en-us/microsoft-edge/platform/status/to learn more about features coming to Microsoft Edge.
Lost that DVD? That USB key? Misplaced your ISO? Microsoft has you covered! Below are the official links to download media directly from the source.
Windows 7 – https://www.microsoft.com/en-us/software-download/windows7
Windows 8.1 – https://www.microsoft.com/en-us/software-download/windows8ISO
Windows 10 (Media Creation Tool) – https://www.microsoft.com/en-us/software-download/windows10
NOTE: If you’re looking to upgrade an existing system, use the media creation tool. It will intelligently download the necessary bits and walk you through the Windows 10 upgrade process.
Windows 10 (ISO) – https://www.microsoft.com/en-us/software-download/windows10ISO
Anyone remember Windows Live Writer? It was pretty much the best blogging client available for many years…if you were a Windows user. If you use a Mac, there haven’t been any good free options. Until now.
My good friend Den Delimarsky is setting out to build a cross-platform blogging client for Windows, OS X, iOS, and Android. It’s called Alki. No ETA on availability, but he’s got some cool features planned according to his website.
If you’re interested in signing-up to test Alki when it’s available, go to http://dennisdel.com/alki/ and sign-up from the home page.
I tend to look forward to January 1st each year, as this is my MVP Award renewal date. Woke up this morning and received the following message.
Thank you Microsoft, thank you to my wonderful MVP lead, and thanks to all of you. My goal this year is to try to do more blogging, and with Windows 10, Windows Server v.Next, and more on the way, that should be a relatively easy goal to achieve.
Microsoft has released the Windows 10 Technical Preview and Preview for Enterprise this week. If you’re like me and you use a mix of Macs and PCs, you may decide to run the Technical Preview using some sort of virtualization software. In my case, I was trying to install the preview with Parallels Desktop 10.
During the install, it was asking for drivers before the install could continue. Turns out the fix for this issue is a very simple one. Instead of using a SATA DVD drive in the VM, change the DVD drive to use and IDE drive, as illustrated below.
If you’re a Windows Server 2012 R2 user and you use the Essentials Experience role (same features as the standalone SKU) in a multi domain controller (DC) environment, you may have noticed that the wizards for integrating with Office 365 and Windows Azure Active Directory are disabled. This is because they were designed to function in a single DC environment.
Today, Microsoft has corrected this behavior as part of update rollup 2975719. If you install this update rollup, you should now be able to use the wizards as intended.
More info: Update Rollup August 2014 | Office 365 Integration KB