I just ran into a problem whereby new IP addresses (added to my NLB cluster) would not appear in the dropdown bindings list within IIS 7.5.
It was possible to manually enter the IP within the Site Bindings of IIS, but this didn’t allow the site to work.
HTTP error 404 was returned when attempting to access site.
The problem is caused by the new IP address not being present on the IP listen list. I’m sure that previous versions of IIS would automatically update list, but this doesn’t appear to be the case with 7.5.
To add an IP address to the listen list simply open an elevated Command Prompt and enter the following text.
netsh http add iplisten xxx.xxx.xxx.xxx
Be sure to replace the x’s with the correct IP address (for me this was the one I just added to the NLB cluster).
Hit enter and then type the following text and hit enter again.
If all goes well, you should receive a confirmation message stating that the IP address has been added and a couple of other messages regarding the reset of IIS.
After completing the above steps I found that my site in IIS (bound to this new IP address) was now working. However, the IP address still does not appear in the dropdown list of the Site Bindings window. If anyone knows why then please let me know!
Update: Shortly after posting this article I noticed that others sites on this server (using the default IP address) were not working. It turns out that I had to add this IP address to the listen list too – despite these sites working just fine before.
The following commands may also be required – especially when experimenting.
Show IP listen list: netsh http show iplisten
Remove IP from listen list: netsh http remove iplisten xxx.xxx.xxx.xxx
Several websites, that are hosted on servers I manage, recently fell victim to XML Quadratic Blowup Attacks. They were all running WordPress version 3.9.1 or below.
I first noticed a problem when one of the servers started to run extremely slowly. Every website it hosted was taking an age to respond and frequently timing out. The CPU was maxed out at 100%, mainly from PHP requests.
Further investigation narrowed down the website under attack. Below is a screenshot showing the traffic trend for the month to date of that website.
On 15th August page views began to spike, with the most popular requested file being xmlrpc.php.
The temporary fix was to rename the file before installing WordPress 3.9.2, which contains a fix for this exploit.
However, I began to wonder how many other sites, that I was responsible for, could be vulnerable.
So, I decided to write a PowerShell script that scans all websites (on IIS 6 or 7) and checks their current WordPress installation version.
Since the WordPress API is used to obtain the current version, you can set this script to run as a task on your server. If an out of date installation of WordPress is detected then you’ll receive an email notification.
After installing some updates (around 30 in total, between reboots) I noticed that msdeploy was failing to synchronise the IIS Metabase and files from another server.
I’ve ran into this problem before and, if I recall correctly, it also occurred after running Windows Update.
The following error was returned when trying to run msdeploy.
Error: Object of type ‘webServer’ and path ” cannot be created.
Error: Configuration system failed to initialize
Error: Unrecognized configuration section startup. (C:\Program Files\IIS\Microsoft Web Deploy V2\msdeploy.exe.config line 2)
Error count: 1.
Also, when trying to load Internet Information Services (IIS) Manager, a warning popped up saying “Configuration system failed to initialize”.
The problem appeared to be with the following files.