IIS 7.5 and IIS 8.0 European Hosting

BLOG about IIS 7.5 Hosting, IIS 8.0 Hosting and Its Technology - Dedicated to European Windows Hosting Customer

European IIS 10 Hosting - HostForLIFE.eu :: Dedicated Servers As The Secured Solutions

clock November 14, 2018 10:42 by author Peter

When it comes to the option of dedicated servers, you may find it costly in comparison to other web hosting options. But ultimately, the choice is worth making because plenty of commercial benefits are integrated into this web hosting plan. Let’s see how it is a better option than others web hosting plans.

Better uptime
In dedicated hosting arrangements, the service provider reserves the SLA,  including the solution of hardware failure. The service provider maintains a support team for 24x7. With expert skill sets and ITIL complaint methods you can be sure about a high uptime.

Cost efficiency
This is a cost efficient option. According to the plan, a dedicated hosting service provider is responsible for upgradates and maintenance of hardware for maintaining connectivity, and for offering a friendly physical environment. Under this plan, you as a user have no obligation to pay for the total server room or for employing a service administrator. Under this plan you have to pay for the services you will be using.

Reliable bandwidth
Under this web hosting plan you will get to enjoy higher internet speed. There is no chance to lose the speed as there is no risk of sharing the connection. This will help in faster communication, upload management, and uninterrupted business presence.

Complete control on applications
If you select dedicated web hosting, you will enjoy a complete monopoly of decisions about using site management tools and allied other applications to boost your hosting environment. However, about the tools, you need to get prior approval from your hosting service provider that they will be able to give you backend support to maintain them.

Better security arrangement
Dedicated hosting service offers uninterrupted access to physical server. The security arrangement includes supervision cameras, Biometric Access Control System, round-the-clock patrolling, etc. for improved security. Advanced service providers often provide additional supports like DDos guard, web application firewall, VAPT, and security event management.

These reasons can clearly  justify why Dedicated Server is a better option. It is clearly understood that although expensive, this category of web hosting service offers excellent ROI (Return over investment).



European IIS 10 Hosting - HostForLIFE.eu :: How to Enable HTTP Strict-Transport-Security (HSTS) on IIS?

clock November 8, 2018 11:23 by author Peter

In this article, we will only show simple tutorial about how to enable and serve HTTP Strict Transport Security (HSTS) response header in IIS.

Definition HTTP Strict Transport Security (HSTS)

HTTP Strict Transport Security (HSTS) is a web security policy mechanism which is necessary to protect secure HTTPS websites against downgrade attacks, and which greatly simplifies protection against cookie hijacking.

HSTS improves security and prevents man-in-the-middle attacks, downgrade attacks, and cookie-hijacking.

It allows web servers to declare that web browsers (or other complying user agents) should only interact with it using secure HTTPS connections, and never via the insecure HTTP protocol. HSTS is an IETF standards track protocol and is specified in RFC 6797.

The HSTS Policy is communicated by the server to the user agent via an HTTP response header field named Strict-Transport-Security. HSTS Policy specifies a period of time during which the user agent should only access the server in a secure fashion.

Therefore, adding a HSTS header is important after you’ve added SSL to your WordPress website, so browsers automatically request your HTTPS address.

All you need to add to your web.configconfiguration file is an Outbound Rule, to rewrite request responses and sending the HTTP Strict Transport Security response header:

<outboundRules>
  <rule name="Add Strict-Transport-Security when HTTPS" enabled="true">
    <match serverVariable="RESPONSE_Strict_Transport_Security" pattern=".*" />
    <conditions>
      <add input="{HTTPS}" pattern="on" ignoreCase="true" />
    </conditions>
    <action type="Rewrite" value="max-age=31536000" />
  </rule>
</outboundRules>

HSTS and includeSubdomains #

Do you have your SSL (TLS) certificate on your www. subdomain? Then you need to include it using includeSubdomains. The outboundRules rule then becomes:

<rule name="Add Strict-Transport-Security when HTTPS" enabled="true">
  <match serverVariable="RESPONSE_Strict_Transport_Security" pattern=".*" />
  <conditions>
    <add input="{HTTPS}" pattern="on" ignoreCase="true" />
  </conditions>
  <action type="Rewrite" value="max-age=31536000; includeSubDomains; preload" />
</rule>

HSTS header in WordPress functions.php #

You can set a HSTS header through your functions.php theme file as well. For this to happen, you can hook into the send_headers action.

Use the following code in your functions.php to send a HSTS header:

<?php
add_action( 'send_headers', 'saotn_add_hsts_header' );
function saotn_add_hsts_header() {
  header( 'Strict-Transport-Security: max-age=31536000; includeSubDomains; preload' );
}



About HostForLIFE.eu

HostForLIFE.eu is European Windows Hosting Provider which focuses on Windows Platform only. We deliver on-demand hosting solutions including Shared hosting, Reseller Hosting, Cloud Hosting, Dedicated Servers, and IT as a Service for companies of all sizes.

We have offered the latest Windows 2016 Hosting, ASP.NET Core 2.2.1 Hosting, ASP.NET MVC 6 Hosting and SQL 2017 Hosting.


Tag cloud

Sign in