IIS ARR – configuration to use self-signed certificates on target server

In this new tutorial dedicated to IIS ARR, I will explain how to configure ARR in order to be able to use a self-signed certificate on the target server. In the previous tutorial, I explained how to do an SSL dump, in this configuration the target server is in HTTP, which means that the request …

Read more



Windows Server: disable a cipher suite

In this tutorial, I will walk you through how to disable a cipher suite also call cipher. If you arrive on this tutorial by a search engine, there is a good chance that it is due to a vulnerability test and that you have an alert that goes up because vulnerable cryptographic suites (cipher) are …

Read more



Nginx: generate a Let’s Encrypt certificate

After seeing how to install and configure Nginx as a reverse proxy and harden security with Crowdsec, I will explain in this tutorial how to generate a Let’s Encrypt certificate. As a reminder, Let’s Encrypt is a free certification authority, which allows you to obtain SSL certificates for free. If you want to generate SSL …

Read more



Nginx: configuration as reverse proxy

In this tutorial dedicated to Nginx, I will explain how to configure it in order to have a reverse proxy. Before getting to the heart of the matter, I will quickly introduce you to Nginx and what a reverse proxy. For this tutorial, I used an Ubuntu 20.04 machine. Introducing Nginx Nginx is a web …

Read more



VPN Server with Windows Server: Installation and Configuration

In this tutorial, I will explain how to set up a VPN server on Windows Server with the role of remote access and configure access with NPS. When setting up a VPN server with Windows, 3 types of VPN service are installed: In this tutorial we will see how to use PPTP and SSTP. When …

Read more



Sophos XG: change the SSL VPN port

By default the SSL VPN port on the Sophos XG firewall is 8443, since version 17.1 it is possible to change the VPN listening port. Using port 443 for VPN blocks listening to this port for other services (forward / WAF). 1. From the web interface, go to VPN 1 and click on Show VPN …

Read more



Kemp: solve the problem of mixed content

If you use Kemp to dump to pass an internet site in HTTPS, it is possible that part of the content of the site (images, css, js) does not appear, the browser returns a Mixed Content error, it means that calls to resources are made in HTTP. To solve this problem, one must make a …

Read more



Stand-alone certification authority: installation on Windows Server

CA

Presentation A Certificate Authority (CA) can issue certificates for internal internet sites, RDS connections … The advantage of having a CA is having to deploy a single certificate on the computers, and some Windows services require certificates from a CA to work: On Windows, there are two types of CAs (summary): Role installation 1. From …

Read more



Redirect HTTP to HTTPS over IIS

Regle ajoutee

In this tutorial, we’ll see how to automatically redirect http requests to https under IIS. Prerequisites : Valid configuration of your site with SSL. Have the Rewrite module installed under IIS. The Rewrite module is available with Web App Redirect HTTP to HTTPS 1. Open the IIS console, go to site 1 where the redirection …

Read more