Tag Archive: windows 2008 r2

Encrypt your web.config file

Posted Oct.21, 2011 under IIS server, Servers, Windows and Powershell

Recently, I had a request from a customer, where he wanted to encrypt his web.config file ( wee, a part of it ). Since he didnt know how to do it by himself, he asked us to do it.

Basically, the procedure is very simple.

First, open IIS manager and find the web site you want to encrypt. Got it? Great, when you’re there, look at the site ID, write it somewhere.

 

Then, run command prompt ( as administrator ) and position yourself in the :

C:\Windows\Framework\v4.0.30319\

In case your application is running in .NET 2, position yourself in the V2.0.xxxx folder.

Type in the following command:

aspnet_regiis -pe “connectionStrings” ” -site “IDnumber”

What will this command do?

It will encrypt the connection string part of the web.config file, so it cannot be read in some text editor; ofcourse, your web server will still be able to read the connection string from the file, dont worry :)

BUT WHAT IF I HAVE A VIRTUAL DIRECTOY, AND I WANT TO ENCRYPT THAT web.config FILE?

No problem at all, just use this command:

aspnet_regiis -pe “connectionStrings” -app “/YOURVIRTUALFOLDER” -site “IDnumber”

Notice that I added a “-app “/YOURVIRTUALFOLDER” part to the command.

 

Thats all for today :D Stay smart and bright! :D Bye bye!

Tags: , , , , , , , ,
Leave a Comment

SCVMM? errr…System Center Virtual Machine Manager and HyperV whining :)

Posted Jun.10, 2011 under News, Servers

Couple of days ago I installed SCVMM  in order to test it out, since we are developing our IAAS solution. Everything seemed great until I found out that SVCMM doesnt have any API which can be used to create/turn on/off  new machines.  Yes, I know everything can be scripted thru Powershell, but it sucks that we need to create separate applicatons that will give us that feature. Imagine a solution where PRTG, Nagios or any other tools monitors your server… sees that the CPU load went up ( or any other condition) and starts up a new virtual machine  using API?

Its funny how the guys at MS fails to see the basic requirements for a modern cloud solution; do I have to mention that after years of HyperV being RTM-ed, we still dont have an option to limit a machines uplink speed!? Come on guys…SERIOUSLY!?!?

 

I know that you already have this  little piece of software created, release it…pretty please!? I know that Microsoft sees HyperV in some giant corporation where they dont have a need to limit the uplink of a virtual machine, but IMHO, hosters are having a bigger “market” share  than big corporations, think about us, pretty please with sugar on top :) .

Oh, what about promiscous mode for network cards? You  have no idea how much would I like to use SNORT on my HyperV virtual switch, but…I cant :(

What about the limit on only 4 cores per virtual machine? This is a VERY limiting factor. I’m in a situation where i have a 2x six core, 48 GB ram server which I want to turn into ONE virtual machine ( live migrations, scaling, etc…), but I cant…I can only turn it into a 4 core, 44 GB machine, effectively, wasting other 8 cores!?

I would really love to get in touch with someone from Microsoft Virtualization team and send them a list of must-have changes :D Someone knows some insiders? :D

Let me make one thing clear, I love Microsoft, but lets face it, there is lots of work that needs to be done. Admit it or not, the guys at the “Linux Camp” have much more options and features regarding virtualization. I really, really love HyperV, but some limitations are just plain unlogical/stupid.

Sorry for a bitter post, but I had to throw out my frustrations :)

 

Tags: , , , , , , , , , ,
1 Comment

WebSitePanel – MySQL problem fix – UPDATED

Posted Apr.28, 2011 under WebSitePanel Fixes

Here you can download the files for fixing mysql issues ( deleting database ) on WSP 1.0.1.0, 1.0.2 , 1.1.0 and 1.1.2

INSTRUCTIONS :

Replace “websitepanel.providers.database.mysql.dll” file in “server\bin” folder with the one you downloaded. These fixes fixed my problem on all servers EXCEPT the one running mysql 5.0.27 version….ones runing 5.1 and 5.0.77 works fine. I Will update if I get this solved too…

Currently I am getting this error on 5.0.27 server: ERROR: ‘MySQL Server 5.0′ DeleteDatabase System.Data.EvaluateException: Cannot perform ‘=’ operation on System.Byte[] and System.String.

FIX for 1.0.1.0 version can be found HERE

FIX for the 1.0.2 version can be found HERE

FIX for the 1.1.0 version can be found HERE

FIX for the 1.1.2 version can be found HERE – UPDATED!!!

Hope it will be helpfull.

If you have any questions, just let me know.

Ofcourse, these fixes are provided AS-IS . I dont guarantee it will work on your machine, and I cannot take responsibility for any damages cause by it.

Tags: , , , , , , , , , ,
37 Comments

Tune up my server, Mr. Admin aka – improve IIS 7/7.5 performance – part 1

Posted Apr.04, 2011 under IIS server, Servers

Couple days ago, I had to setup a machine for a customer of ours who will host a web site for some Microsoft conference in Croatia. Since, this is the biggest IT conference in Croatia, I really tried to take everything to the next level and tweak the hell out of that machine :)

For stress testing, I used Siege with  url.txt file where I saved about 20 links from the web site I was testing, in order to emulate the real world scenario as much as possible.

So, for starters, lets throw out some numbers, to see how the machines copes when the IIS install is out of the box :


The test has been run with 150 concurrent users.
Lifting the server siege...      done.                                         Transactions:                    5215 hits
Availability:                 100.00 %
Elapsed time:                  59.83 secs
Data transferred:             472.64 MB
Response time:                  1.69 secs
Transaction rate:              87.16 trans/sec
Throughput:                     7.90 MB/sec
Concurrency:                  147.32
Successful transactions:        5215
Failed transactions:               0
Longest transaction:            5.99
Shortest transaction:           0.25

So, lets take look on the Longest and Shortest transaction value – pretty jumpy, right?

It took the machine to serve the page, in a range of 0.25 to almost 6 seconds? SLOW!

STOP!  Tweaking time :)

One note – do not run 32 bit apps in 64 application pool – waste of resources!

Since this is a website which has around 120 requests to the IIS server for loading one page  I have TURNED OFF the compression!

Why? Simple tradeoff, more bandwidht for less CPU usage. With compression turned on, site had around 1.2 MB ( a lot, I know ), but with compression turned off, site loading time went down for almost 50%, and the site size went for for only 100 KB :)   -  a good trade off in my opinion!

Next -  lets cache this sucker out, I turned on caching for both dynamic and static content, pretty simple setting for a huge improvement!

Now, lets dive into some more complex tweaking -  .Net and registry tweak.

Does the “word”  MaxConcurrentThreadsPerCPU sound familiar?

Basically, with standard out-of-the-box setting, number of requests per CPU is limited to 12.

By default, this entry doesnt exist in the registry, so we need to add it.

MaxConcurrentRequestsPerCPU within HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ASP.NET\2.0.50727.0 determines the number of concurrent requests per CPU.

Since that value in .NET 4 is already set to 5000, there’s no need to change that is you run a .NET 4 application, but in my case, I had applications with .NET 2, .NET 3.5 and .NET 4 running on the machine, so I have set the value  MaxConcurrentRequestsPerCPU to 0 – which means unlimited.

Lets do some load stress with the new IIS and .NET setting. Again, we will run Siege with 150 concurrent users.
Lifting the server siege...      done.                                         Transactions:                    8171 hits
Availability:                 100.00 %
Elapsed time:                  59.58 secs
Data transferred:             643,80 MB
Response time:                  0.96 secs
Transaction rate:             137.14 trans/sec
Throughput:                     10.73 MB/sec
Concurrency:                  131.67
Successful transactions:        8171
Failed transactions:               0
Longest transaction:            1.99
Shortest transaction:           0.15

So, as we can see, we had almost 3000 more transactions, better transaction rate and load time improved over 3 times ( 0.15 to 1.99 sec ).

But wait, there’s more, in the next post, we will do some network level tweaking, and see if we can get even more juice from the machine.

 

NOTE:  Since I didnt write the applications  and didnt have access to them to review them, I had to optimize the server as much as possible.

Tags: , , , , , , ,
1 Comment

SpamBots+bad application+SQL server = PROBLEMS!

Posted Oct.25, 2010 under Servers, Windows and Powershell

So…today I had a very interesting issue. All of a sudden Nagios went red with the message: CRITICAL : – total: 232.82 Gb – used: 212.67 Gb (91%) – free 20.15 Gb (9%) on one of our SQL server. I was like..”NO! It cannot be. I clearly remember that this machine had over 150 Gb of free space yesterday!”

I log in to the machine, and automatically go to the data folder of SQL server thinking that some customer has a HUGE! log file on his database; so, right click – Select All -> Properties… only 50 Gbs of data…hmm…not here!

At that moment I notice that the server isnt “jumpy” as usual, so I start Performance monitor and see that the Avg. Disk Queue is off the chart!  That definatelly isnt right…

Since that machine is using Windows 2003, theres no too good way to see what application is using so much disk I/O ( beside FileMon ) , I start the FileMon and se that the SQL service is writing HUGE amount of data to its ERRORLOG file.

By navigating to the folder, I see that the ERRORLOG file is over 120 Gb big so opening it in Notepad, Context or some other file was out of the question, since it would kill the machine completely.

So, lets turn to powershell once more. In order to be sure to not kill the machine, since its in production , I have moved the file to an empty machine to opened it there.

Powershell : cat errorlog +ENTER :) after that powershell started to list the entire content of the file, and it took about 15 mins until it reached the end. AMAZING

By examining the log, I notice ( it was hard to NOT notice it ) litterally millions of these entries:

Could not allocate space for object ‘dbo.tblComments’.'tblComments’ in database ‘DATABASEname’ because the ‘PRIMARY’ filegroup is full. Create disk space by deleting unneeded files, dropping objects in the filegroup, adding additional files to the filegroup, or setting autogrowth on for existing files in the filegroup.

What happened here?

The site that was using that database is poorly written and was allowing everyone to post comments on the articles without any security check, so it soon reached the size limit set on the database.  By further digging on the issue, I saw that the bots are posting about 4-5 comments each second which comes to about 18000 comments/hour…multiply that by 15-16 hours it took to fill the error log to that size, we roughly come to 280000 comments…that’s A LOT of comments! :)

After disabling the site and sending the email to the customer, situation on the machine looks like this :

The big drop on the green line is the moment where I disabled the problematic web site.

Tags: , , , , , , ,
Leave a Comment