{"id":96,"date":"2023-05-04T14:37:29","date_gmt":"2023-05-04T14:37:29","guid":{"rendered":"https:\/\/blog.xay.de\/?p=96"},"modified":"2023-05-04T14:39:02","modified_gmt":"2023-05-04T14:39:02","slug":"hacked-not-hacked-ressources-for-iis","status":"publish","type":"post","link":"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/","title":{"rendered":"Hacked &#8211; (not hacked, ressources for IIS)"},"content":{"rendered":"<p>Windows 2008R2 with IIS got hacked, but&#8230;<\/p>\n<p>&#8230; the <a href=\"https:\/\/blog.xay.de\/index.php\/2023\/04\/26\/hacked-my-windows-servers\/\">incident from 25.04.2023 is processed<\/a> now and I got <strong>not hacked<\/strong> in the last two weeks \ud83d\ude00<\/p>\n<p>But there is still a problem, which is new. If someone access the server via http, the first http query is running very slow, after some time (mostly trying a second time after the webbrowser timeout), the request is working and if you request, request, request&#8230; (and so on)&#8230; the server is fast.<\/p>\n<p>So it seems a question of &#8222;inactivity&#8220; shutting down processes. I checked all, what I could check &#8211; IIS startup, his addons startup and set all of &#8222;start immedeately&#8220; and &#8222;inactivity timeout 0&#8220;. But it&#8217;s not getting better, I miss something. My solution may be to call the webserver every 5 seconds by a script with curl to hold it active. Not nice, but working (hopefully).<\/p>\n<h3>IIS improvements<\/h3>\n<p>But while working with the IIS, I thought it would be nice, to set it to https. It is not a big thing, but I share the ressources:<\/p>\n<ul>\n<li>Activate TLS1.2, you can find the procedure <a href=\"https:\/\/www.kernel64.com\/tls-1-1-sowie-tls-1-2-auf-windows-server-2008-r2-aktivieren\/\" target=\"_blank\" rel=\"noopener\">here<\/a> (and you can download the registry entries for doubleclicking). Needs rebooting. It&#8217;s rediculous&#8230; the server still has TLS1.2, but it&#8217;s deactivated by default.<\/li>\n<li>Install <a href=\"https:\/\/www.win-acme.com\/manual\/getting-started\" target=\"_blank\" rel=\"noopener\">Win-acme<\/a> on the machine, it still work still with Windows Server 2008RS and IIS. Small problem: If you had another certificate installed before, it is active again. I wondered, why the test with https got a &#8222;Expired Certificate&#8220; message. You have to go to the Webservers bindings (IIS-Manager, choose default website) and select the new certificate manually (hopefully a one-timer).<\/li>\n<\/ul>\n<p>To add a note, why is wasn&#8217;t active in the past: All requests by the software are on http, not https. Because there are no personal data involved, there was no need for it, but the client software is from 2012 and from some guys, who didn&#8217;t care about it, even as I beg them to do so.<\/p>\n<p>Waiting for another hacking \ud83d\ude42<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Windows 2008R2 with IIS got hacked, but&#8230; &#8230; the incident from 25.04.2023 is processed now and I got not hacked in the last two weeks \ud83d\ude00 But there is still a problem, which is new. If someone access the server via http, the first http query is running very slow, after some time (mostly trying [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-96","post","type-post","status-publish","format-standard","hentry","category-small-talk"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hacked - (not hacked, ressources for IIS) - Oh nee. Xay hat 1 Blog.<\/title>\n<meta name=\"description\" content=\"Some cleanups and improvements after hacking, installed TLS1.2 &amp; Let&#039;s encrypt on the server. Some ressources you can use.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hacked - (not hacked, ressources for IIS) - Oh nee. Xay hat 1 Blog.\" \/>\n<meta property=\"og:description\" content=\"Some cleanups and improvements after hacking, installed TLS1.2 &amp; Let&#039;s encrypt on the server. Some ressources you can use.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/\" \/>\n<meta property=\"og:site_name\" content=\"Oh nee. Xay hat 1 Blog.\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-04T14:37:29+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-04T14:39:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.xay.de\/wp-content\/uploads\/2023\/03\/grey2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"640\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Commander Xay\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Geschrieben von\" \/>\n\t<meta name=\"twitter:data1\" content=\"Commander Xay\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"2\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/blog.xay.de\\\/index.php\\\/2023\\\/05\\\/04\\\/hacked-not-hacked-ressources-for-iis\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.xay.de\\\/index.php\\\/2023\\\/05\\\/04\\\/hacked-not-hacked-ressources-for-iis\\\/\"},\"author\":{\"name\":\"Commander Xay\",\"@id\":\"https:\\\/\\\/blog.xay.de\\\/#\\\/schema\\\/person\\\/e8225908b2beb59927aab9ee3244f4c6\"},\"headline\":\"Hacked &#8211; (not hacked, ressources for IIS)\",\"datePublished\":\"2023-05-04T14:37:29+00:00\",\"dateModified\":\"2023-05-04T14:39:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/blog.xay.de\\\/index.php\\\/2023\\\/05\\\/04\\\/hacked-not-hacked-ressources-for-iis\\\/\"},\"wordCount\":336,\"publisher\":{\"@id\":\"https:\\\/\\\/blog.xay.de\\\/#\\\/schema\\\/person\\\/e8225908b2beb59927aab9ee3244f4c6\"},\"articleSection\":[\"Small talk\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/blog.xay.de\\\/index.php\\\/2023\\\/05\\\/04\\\/hacked-not-hacked-ressources-for-iis\\\/\",\"url\":\"https:\\\/\\\/blog.xay.de\\\/index.php\\\/2023\\\/05\\\/04\\\/hacked-not-hacked-ressources-for-iis\\\/\",\"name\":\"Hacked - (not hacked, ressources for IIS) - Oh nee. Xay hat 1 Blog.\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/blog.xay.de\\\/#website\"},\"datePublished\":\"2023-05-04T14:37:29+00:00\",\"dateModified\":\"2023-05-04T14:39:02+00:00\",\"description\":\"Some cleanups and improvements after hacking, installed TLS1.2 & Let's encrypt on the server. Some ressources you can use.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/blog.xay.de\\\/index.php\\\/2023\\\/05\\\/04\\\/hacked-not-hacked-ressources-for-iis\\\/#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/blog.xay.de\\\/index.php\\\/2023\\\/05\\\/04\\\/hacked-not-hacked-ressources-for-iis\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/blog.xay.de\\\/index.php\\\/2023\\\/05\\\/04\\\/hacked-not-hacked-ressources-for-iis\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Startseite\",\"item\":\"https:\\\/\\\/blog.xay.de\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hacked &#8211; (not hacked, ressources for IIS)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/blog.xay.de\\\/#website\",\"url\":\"https:\\\/\\\/blog.xay.de\\\/\",\"name\":\"Oh nee. Xay hat 1 Blog.\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/blog.xay.de\\\/#\\\/schema\\\/person\\\/e8225908b2beb59927aab9ee3244f4c6\"},\"alternateName\":\"Duh. Xay has 1 blog.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/blog.xay.de\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/blog.xay.de\\\/#\\\/schema\\\/person\\\/e8225908b2beb59927aab9ee3244f4c6\",\"name\":\"Commander Xay\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\\\/\\\/blog.xay.de\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/grey2.jpg\",\"url\":\"https:\\\/\\\/blog.xay.de\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/grey2.jpg\",\"contentUrl\":\"https:\\\/\\\/blog.xay.de\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/grey2.jpg\",\"width\":640,\"height\":640,\"caption\":\"Commander Xay\"},\"logo\":{\"@id\":\"https:\\\/\\\/blog.xay.de\\\/wp-content\\\/uploads\\\/2023\\\/03\\\/grey2.jpg\"},\"sameAs\":[\"https:\\\/\\\/www.xay.de\",\"https:\\\/\\\/www.tumblr.com\\\/blog\\\/commanderxay\"],\"url\":\"https:\\\/\\\/blog.xay.de\\\/index.php\\\/author\\\/xay\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hacked - (not hacked, ressources for IIS) - Oh nee. Xay hat 1 Blog.","description":"Some cleanups and improvements after hacking, installed TLS1.2 & Let's encrypt on the server. Some ressources you can use.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/","og_locale":"de_DE","og_type":"article","og_title":"Hacked - (not hacked, ressources for IIS) - Oh nee. Xay hat 1 Blog.","og_description":"Some cleanups and improvements after hacking, installed TLS1.2 & Let's encrypt on the server. Some ressources you can use.","og_url":"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/","og_site_name":"Oh nee. Xay hat 1 Blog.","article_published_time":"2023-05-04T14:37:29+00:00","article_modified_time":"2023-05-04T14:39:02+00:00","og_image":[{"width":640,"height":640,"url":"https:\/\/blog.xay.de\/wp-content\/uploads\/2023\/03\/grey2.jpg","type":"image\/jpeg"}],"author":"Commander Xay","twitter_card":"summary_large_image","twitter_misc":{"Geschrieben von":"Commander Xay","Gesch\u00e4tzte Lesezeit":"2\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/#article","isPartOf":{"@id":"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/"},"author":{"name":"Commander Xay","@id":"https:\/\/blog.xay.de\/#\/schema\/person\/e8225908b2beb59927aab9ee3244f4c6"},"headline":"Hacked &#8211; (not hacked, ressources for IIS)","datePublished":"2023-05-04T14:37:29+00:00","dateModified":"2023-05-04T14:39:02+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/"},"wordCount":336,"publisher":{"@id":"https:\/\/blog.xay.de\/#\/schema\/person\/e8225908b2beb59927aab9ee3244f4c6"},"articleSection":["Small talk"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/","url":"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/","name":"Hacked - (not hacked, ressources for IIS) - Oh nee. Xay hat 1 Blog.","isPartOf":{"@id":"https:\/\/blog.xay.de\/#website"},"datePublished":"2023-05-04T14:37:29+00:00","dateModified":"2023-05-04T14:39:02+00:00","description":"Some cleanups and improvements after hacking, installed TLS1.2 & Let's encrypt on the server. Some ressources you can use.","breadcrumb":{"@id":"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.xay.de\/index.php\/2023\/05\/04\/hacked-not-hacked-ressources-for-iis\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Startseite","item":"https:\/\/blog.xay.de\/"},{"@type":"ListItem","position":2,"name":"Hacked &#8211; (not hacked, ressources for IIS)"}]},{"@type":"WebSite","@id":"https:\/\/blog.xay.de\/#website","url":"https:\/\/blog.xay.de\/","name":"Oh nee. Xay hat 1 Blog.","description":"","publisher":{"@id":"https:\/\/blog.xay.de\/#\/schema\/person\/e8225908b2beb59927aab9ee3244f4c6"},"alternateName":"Duh. Xay has 1 blog.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.xay.de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":["Person","Organization"],"@id":"https:\/\/blog.xay.de\/#\/schema\/person\/e8225908b2beb59927aab9ee3244f4c6","name":"Commander Xay","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/blog.xay.de\/wp-content\/uploads\/2023\/03\/grey2.jpg","url":"https:\/\/blog.xay.de\/wp-content\/uploads\/2023\/03\/grey2.jpg","contentUrl":"https:\/\/blog.xay.de\/wp-content\/uploads\/2023\/03\/grey2.jpg","width":640,"height":640,"caption":"Commander Xay"},"logo":{"@id":"https:\/\/blog.xay.de\/wp-content\/uploads\/2023\/03\/grey2.jpg"},"sameAs":["https:\/\/www.xay.de","https:\/\/www.tumblr.com\/blog\/commanderxay"],"url":"https:\/\/blog.xay.de\/index.php\/author\/xay\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.xay.de\/index.php\/wp-json\/wp\/v2\/posts\/96","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.xay.de\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.xay.de\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.xay.de\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.xay.de\/index.php\/wp-json\/wp\/v2\/comments?post=96"}],"version-history":[{"count":2,"href":"https:\/\/blog.xay.de\/index.php\/wp-json\/wp\/v2\/posts\/96\/revisions"}],"predecessor-version":[{"id":98,"href":"https:\/\/blog.xay.de\/index.php\/wp-json\/wp\/v2\/posts\/96\/revisions\/98"}],"wp:attachment":[{"href":"https:\/\/blog.xay.de\/index.php\/wp-json\/wp\/v2\/media?parent=96"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.xay.de\/index.php\/wp-json\/wp\/v2\/categories?post=96"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.xay.de\/index.php\/wp-json\/wp\/v2\/tags?post=96"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}