Found a wonder post to share with all.
Archive for the Category ◊ ASP.NET Web Hosting ◊
Since eUKhost has started providing Windows 2008 Server with Shared hosting as well as with Windows dedicated Server hosting there has been allot of new errors coming across. Also ASP .NET with Visual Studio 2008 and MS SQL 2008 has been widely used after the final release of Windows 2008 Server along with MS SQL 2008. The most command error that we have seen in combination of MS SQL 2005 and SQL 2008 is:
TITLE: Microsoft SQL Server Management Studio
Failed to retrieve data for this request. (Microsoft.SqlServer.Management.Sdk.Sfc)
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft+SQL+Server&LinkId=20476
An exception occurred while executing a Transact-SQL statement or batch. (Microsoft.SqlServer.ConnectionInfo)
We have recently had this complain from our various Shared hosting as well as Dedicated Server hosting clients that MSSQL Webadmin ASP .NET Enterprise Manager is having a virus / trojan on it. When the first complain arrived we too thought that there seems to be a problem with the server and might be MSSQL Webadmin ASP .NET Enterprise Manager has got an injection in it. But after receiving too many complains from most of our dedicated server clients we started investigating the problem and now we knew that this is something that has happen globally. After viewing MSSQL Webadmin ASP .NET Enterprise Manager on Plesk server it looked as the picture below:
What is ASP.NET?
ASP.NET, a higher version of ASP, is a programming framework used to create enterprise-class Web Applications. These applications are available to the entire world providing efficient information to their end users. ASP .NET has far more advantages than just a next version of ASP. And it is easily available to configure and use no matter if you have a Dedicated server or a Shared hosting account.
Why to use ASP.NET?
Some times Configuring MSDTC and their error can ruin your Windows Cluster service and your time as well. You may get one of the following error when you failover the MSDTC service from one Dedicated node to another.
This would only happen if the Cluster services has been installed before installing and configuring MSDTC Service. Hence it is highly recommended that you first install and configure MSDTC and then configure the Windows Cluster Service.
Event ID: 4097
MS DTC started with the following settings: Security Configuration (OFF = 0 and ON = 1): Network Administration of Transactions = 1, Network Clients = 0, Distributed Transactions using Native MSDTC Protocol = 1, Transaction Internet Protocol (TIP) = 0, XA Transactions = 1.
Event ID: 4395
MSDTC detected that MSDTC related information in the local registry is different from that in the shared cluster registry. Error Specifics: d:ntcomcom1xdtcsharedmtxclumtxclusetuphelper.cpp:541, CmdLine: C:WINNTSystem32msdtc.exe, Pid: 796
0000: 05 40 00 80 .@.?
Event ID: 4384
MS DTC was unable to start because the installation was not configured to run on a cluster. Please run comclust.exe and restart MS DTC. Error Specifics: d:ntcomcom1xdtcsharedmtxclumtxclusetuphelper.cpp:668, CmdLine: C:WINNTSystem32msdtc.exe, Pid: 796
Event ID : 7024
Source : Service Control Manager
Description: The MSDTC service terminated with service specific error 3221229584.
Initially you should try and run the command below and check if it solves the problem:
If that does not help then follow the fix below:
This has been a regular problem with most of our Windows dedicated Server Clients as well as Windows Shared hosting client that has Plesk 8.4 installed on them, specially for those who need write permissions on web user for the ASP .NET/MSSQL and PHP/MySQL application, that the write permissions on the folder get removed own its own without any changes being made by us or the client. After allot of scratching and investigation we were finally able to reveal the secrete about the permissions issue. The problem was not with Plesk but the way we use to set permissions on the folder.
While I was searching for the solution I found the KB articel on Parallels sites below:
One can point your site to any designated IP address you want without changing the Name server of your Domain. Yes, you will be able to view/test your site on new server without changing the name servers as well as having trouble of using site Preview options in Control panel like Plesk. This option is also helpful in the case of some site that use .js script in their codes since those scripts don’t work in Plesk site preview option. Specially in case of sites that work on DotNetNuke [DNN].
So here we go:
On your local machine, [AND NOT THE SERVER]:
Goto START >> Run >> and Type:
And hit Enter
It is very easy to block a single IP address on a Linux server but Windows Default firewall doesn’t allow us to block a single IP address on the server or for particular ports. However Microsoft released this and introduced IP Security Polices in their Local Security Polices option in the release of their SP2. But most of us are not aware of this option and we mostly adopted third party firewall and pay for their heavy license. However Firewall onl Windows 2008 Server is far more advanced than that on Windows 2003.
It would not be the case now as I have listed detailed steps along with the images on how to block IP using the IP security policy in Windows. This option is also available in XP as well as Windows 2003 Server edition.
How to BLock IP Using Windows:
You can either open MMC from START >> RUN >> MMC and add a new Snapin for IP Security policy with steps below:
Using Certificates to Encrypt Data
Certificates are parallel with asymmetric keys in the SQL Server 2005 encryption hierarchy. A certificate is simply a method of using asymmetric encryption. Certificates bind public keys to individuals who hold the associated private key. Certificates use the same RSA algorithm as asymmetric keys; therefore, they are resource-intensive and their use is normally restricted to encrypting other keys. SQL Server contains an integrated certificate authority, which it uses to issue its own selfsigned, and industry standard X.509 certificates. Alternatively, you can import certificates from an external certificate authority.The use of external certificates allows you to use a wider range of key lengths, which can provide enhanced security. Certificates are the most secure way in which to encrypt data natively within SQL Server 2005.You can use the CREATE CERTIFICATE statement to create a certificate within SQL Server 2005.
EFS can be used to encrypt SQL Server 2005 data files and folders. EFS is supported on Windows 2000 and later operating systems with New Technology File Systems (NTFS) formatted drives. EFS uses a combination of symmetric and asymmetric methods to provide transparent SQL Server 2005 data encryption. On Windows 2003 Server and newer operating systems, EFS by default creates a random File Encryption Key, which is a 256-bit AES key to perform data encryption.The File Encryption Key is then itself encrypted with the user’s public key and stored within the encrypted file or folder.
To encrypt SQL Server 2005 data files and folders using EFS, follow these steps:
1. Stop the SQL Server service.
2. Log out and log in using the SQL Server service account credentials.
3. Right-click on the file or folder to be encrypted and select Properties | General Tab | Advanced.
Why Secure Data in your Windows MSSQL database?
Databases often contain sensitive financial, healthcare, and corporate data. As mentioned earlier, data security breaches are occurring at an alarming rate and international legislations have been passed, which set regulations on how organizations must protect this sensitive data. The Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), Personal Information Protection and Electronic Documents Act (PIPEDA), Gramm-Leach-Bliley Act (GLBA), and the UK Data Protection Act are just a few of these regulations. Several regulations require that sensitive data be encrypted and that organization’s must identify and report data disclosure or misuse. If these regulations are not followed, organizations can face serious repercussions, ranging from financial penalties to imprisonment of responsible parties. Depending on the nature of your business, the above regulations may not apply, but before you discount the need to encrypt data
Smooth working of Mail server totally depends upon Mail Enable Mail Transfer Agent , as the name suggest, Mail Enable MTA is a program running on Mail Server responsible for transferring email messages between computers over the Internet.
Mail Server works with other programs in collaboration to make up what we know as Messaging System. Messaging system must work without any flaws to keep smooth movement of Inbound and Outbound emails. Mail System uses following protocols to send and receive email messages.
SMTP (Simple Mail Transfer Protocol) – For Sending emails
POP3 (Post Office Protocol 3) or – For Receiving emails.
IMAP (Internet Message Access Protocol)
At any point you found out that emails are not reaching their destination, there are high chances of these emails would get stuck in Mail Queue. Only way to release emails from mail queue is to restart mail services. Restarting mail services is done from Mail Server. Make sure before restarting mail service you ask anyone who has good knowledge of doing it.
There are several points that Microsoft suggests before configuring your MS SQL Server.
BEST PRACTICES ACCORDING TO MICROSOFT
- Install only those components that you will use immediately. Microsoft recommends that you create a list of components that you will be using, and only enable those. If the need arises, you can install the additional components at that time. The components in a SQL Server installation are the Database Engine, Analysis Services Engine, Reporting Services, Integration Services, Notification Services, and Documents and Samples. more…
MS SQL 2005 Server was released after 5 servers of it previous SQL version, MS SQL 2000, Hence it required allot to revisions to cope up with the current windows development environment. Therefore MS SQL 2005 SP2 had major changes in it, with too many performances and security fixes. Microsoft could not add few revisions due to its basic development structure however they had all the scope to introduce them in SQL 2008 release. And indeed, MS SQL 2008 has many installation as well as performance fixes being applied to it and allowing Windows Administrators to have full control on SQL activities. The biggest advantage of SQL 2008 over SQL 2005 is the ability to manage and maintain server performance. SQL 2008 does not require too much resource which is the best deal for today’s Shared Hosting environment. Also an upper hand to whose to do not want to invest too much on hardware of their dedicated servers just to run SQL server on it.
I have seen so many people searching ASP or ASP .NET scripts to backup their MySQL databases. Not only this but my Blog has been getting to many hits for the search term “backup mysql asp”. After seeing the need of so many people for the script I decided to write a VBS script to backup all or single MySQL database on Windows server. I am not very good at ASP so I didn’t write the script in ASP or ASP .NET but one can convert this script in either ASP or ASP .NET, it should not be a huge problem I suppose.
Above error pop ups when Error Reporting is enabled on your system and w3wp.exe faces an error.
Windows Error Reporting increases Hard Disk space , by adding above pop ups in two different dump files i.e. HDMP and MDMP
HDMP (Heap Dump) – Uncompressed error dump file generated by Windows when a program has an error or crashes.
MDMP (Mini Dump) – Compressed Heap Dump files are saved as Mini dump (MDMP) files and may be sent to Microsoft as part of an error reporting process.
These steps can be followed on Windows 2000, Windows NT servers, Windows 2003, Windows 2008 and Windows XP.
For steps on Linux refer the link below:
How to install phpMyAdmin 2.11 on Windows Desktop and Server
Here are steps that will help you installed PHPMyAdmin on a Windows server.
>> PHP 4.3/4.4/5.1
>> MySQL 4.0/4.1/5.0
This installation was tested on phpMyAdmin-2.11.1
You can select the file from PHPMyAdmin Downloads
close Port 445:
- Click Start >> Run, to open the Run dialog box
- Here, type regedit to open the registry.
- Navigate to the following registry key – HKEY_LOCAL_MACHINE >> System >> CurrentControlSet >> Services >> NetBT >> Parameters
- On the right-hand pane find the option TransportBindName.
click on TransportBindName and delete the existing default value.
From the above, it is clear, that you have closed Port 445 by giving a blank value to TransportBindName for NetBT services.
close Port 135:
- Click Start >> Run, to open the Run dialog box
- Here, type regedit to open the registry
- Navigate to the following registry key – HKEY_LOCAL_MACHINE >> software >> microsoft >> Ole
- On thee right hand window pane find an option called EnableDCOM
- Double-click EnableDCOM and change the value from Y to N
- click Ok
- Close the Registry Editor and restart your computer
These steps will only work for a standalone servers. Any serveres that are in a cluster state such as Active Directory, SQL failover cluster, Network Load Balancing [NLB] or Windows Replication service that NEVER-EVER follow these steps as it will simply diable port 135 which is used my Distributed File System [DFS] for the servers to comunicate with each other. Disabling it will just wont allow the servers to communicate and the services will fail.
Ways to secure your MS SQL connection string in ASP .NET.
We have seen allot of people looking to have the best option to secure the connection string in their ASP .NET code to connect the MS SQL database since it contains the username and password of their database. It is very important to use a secure method for corporate clients and those who save Credit Card details in their MS SQL database. Or they will easily get hacked and all the important data will be exploited by the hacker. And also for those who store important data in MSSQL.
Here are the list of methods that can be used to secure your MS SQL connection string in your ASP.NET application.
1. Using a DSN connection string:
Enable remote connections for SQL Server 2005 Express or SQL Server 2005 Developer Edition
You must enable remote connections for each instance of SQL Server 2005 that you want to connect to from a remote computer. To do this, follow these steps:
1. Click Start, point to Programs, point to Microsoft SQL Server 2005, point to Configuration Tools, and then click MS SQL Server Surface Area Configuration.
2. On the MS SQL Server 2005 Surface Area Configuration page, click Surface Area Configuration for Services and Connections.
3. On the Surface Area Configuration for Services and Connections page, expand Database Engine, click Remote Connections, click Local and remote connections, click the appropriate protocol to enable for your environment, and then click Apply.
Note Click OK when you receive the following message:
Changes to Connection Settings will not take effect until you restart the Database Engine service.
4. On the Surface Area Configuration for Services and Connections page, expand Database Engine, click Service, click Stop, wait until the MSSQLSERVER service stops, and then click Start to restart the MSSQLSERVER service.
Enable the SQL Server Browser service
If you are running MS SQL Server 2005 by using an instance name and you are not using a specific TCP/IP port number in your connection string, you must enable the SQL Server Browser service to allow for remote connections. For example, MS SQL Server 2005 Express is installed with a default instance name of Computer Name\SQLEXPRESS. You are only required to enable the SQL Server Browser service one time, regardless of how many instances of SQL Server 2005 you are running. To enable the MS SQL Server Browser service, follow these steps.