In this tutorial, I will explain to you how to set up a redirection of a site from HTTP to HTTPS with ARR. If you don’t yet know IIS ARR, I’ll let you discover it in this tutorial: IIS ARR: Installation and configuration. This type of redirection is often implemented when using ARR with an …
In this new tutorial dedicated to IIS ARR, I will explain how to configure ARR in order to be able to use a self-signed certificate on the target server. In the previous tutorial, I explained how to do an SSL dump, in this configuration the target server is in HTTP, which means that the request …
In this tutorial, I will walk you through how to disable a cipher suite also call cipher. If you arrive on this tutorial by a search engine, there is a good chance that it is due to a vulnerability test and that you have an alert that goes up because vulnerable cryptographic suites (cipher) are …
After seeing how to install and configure Nginx as a reverse proxy and harden security with Crowdsec, I will explain in this tutorial how to generate a Let’s Encrypt certificate. As a reminder, Let’s Encrypt is a free certification authority, which allows you to obtain SSL certificates for free. If you want to generate SSL …
In this tutorial dedicated to Nginx, I will explain how to configure it in order to have a reverse proxy. Before getting to the heart of the matter, I will quickly introduce you to Nginx and what a reverse proxy. For this tutorial, I used an Ubuntu 20.04 machine. Introducing Nginx Nginx is a web …
In this tutorial, I will explain how to set up a VPN server on Windows Server with the role of remote access and configure access with NPS. When setting up a VPN server with Windows, 3 types of VPN service are installed: In this tutorial we will see how to use PPTP and SSTP. When …
This tutorial explains how to deploy a certificate using a Group Policy (GPO).
By default the SSL VPN port on the Sophos XG firewall is 8443, since version 17.1 it is possible to change the VPN listening port. Using port 443 for VPN blocks listening to this port for other services (forward / WAF). 1. From the web interface, go to VPN 1 and click on Show VPN …
If you use Kemp to dump to pass an internet site in HTTPS, it is possible that part of the content of the site (images, css, js) does not appear, the browser returns a Mixed Content error, it means that calls to resources are made in HTTP. To solve this problem, one must make a …
Presentation A Certificate Authority (CA) can issue certificates for internal internet sites, RDS connections … The advantage of having a CA is having to deploy a single certificate on the computers, and some Windows services require certificates from a CA to work: On Windows, there are two types of CAs (summary): Role installation 1. From …