IIS7 SNI Rewrite – Howto

Problem

Windows XP Users with IE8 are unable to connect to your Server Name Indication (SNI) enabled Amazon CloudFront distribution.

Solution

Do not rewrite URLs to CloudFront if the user agent indicates a system that does not support SNI.

Example (IIS 7)

Be sure to have the URL Rewrite module installed

URL Rewrite rule precondition . . . → Read More: IIS7 SNI Rewrite – Howto

iis7 insert rewrite rule web.config

To insert a rewrite rule in to a web.config for deployment purposes you need to modify Web.Release.Config

Example <system.webServer> <rewrite xdt:Transform=”Insert”> <outboundRules> <rule name=”Add Cross Origin Access”> <match serverVariable=”RESPONSE_Access_Control_Allow_Origin” pattern=”.*” /> <conditions> <add input=”{REQUEST_URI}” pattern=”.*\.(ttf|otf|eot|woff|svg)\?*.*$” /> </conditions> <action type=”Rewrite” value=”*”/> </rule> </outboundRules> </rewrite> </system.webServer>

Cloudfront IIS7 CORS Fix

Problem

You keep getting Control Allow Origin errors on fonts that are pulling from your CloudFront CDN

Solution

You need to make changes at CloudFront and your IIS 7 Server

CloudFront Changes

Modify the origin behaviors:

Navigate to the CloudFront Distributions Panel Select your Distribution Click Behaviors Tab Select Behavior from list items Click Edit . . . → Read More: Cloudfront IIS7 CORS Fix

iis 7.5 The format of the specified network name is invalid – IIS Error 0x800704BE

Problem IIS 7.5 is holding on to an IP and you cannot get it to listen to the right IP.

You might see this error message:

The format of the specified network name is invalid – IIS Error 0x800704BE Solution

You will need to remove and add the listening ip via netsh (see below)

Determine . . . → Read More: iis 7.5 The format of the specified network name is invalid – IIS Error 0x800704BE

backup perfmon counters

How to backup your perfmon counters

The easiest way to backup your perfmon counters is to use the lodctr tool

Lodctr

Registers new Performance counter names and Explain text for a service or device driver, and saves and restores counter settings and Explain text.

Syntax lodctr [\\ComputerName] FileName [/s:FileName] [/r:FileName] Example lodctr /s:”perf backup1.txt” . . . → Read More: backup perfmon counters

Block Countries Behind ELB

To block countries behind an ELB (Elastic Load Balancer) you should use Maxmind’s GeoIP Country Database.

Problem

You are unable to use iptables or ipset to block countries because of your Amazon Elastic Load Balancer

Solution

Use Maxmind’s GeoIP Country Database in conjunction with Apache or NGINX

Example

This example is for Ubuntu 12.04 (Precise)

. . . → Read More: Block Countries Behind ELB

EC2 ELB Godaddy Cert

Adding Godaddy Cert to EC2 ELB Setup AWS Command Line Interface

Setup instructions are found here: http://aws.amazon.com/cli/

Define your files and run these commands: # define these crtdomain=”example.com” crtchain=”gd_bundle.crt” echo “converting to pem format” openssl rsa -in ${crtdomain}.key -out aws-${crtdomain}.key openssl x509 -in ${crtdomain}.crt -out aws-${crtdomain}.crt -outform PEM echo “uploading certificate ${crtdomain} to Amazon” aws . . . → Read More: EC2 ELB Godaddy Cert

logstash filters for ssh attempts

Description

Logstash filters for ssh brute for, sudo auth failures, or failed login attempts

Filters grok { type => “syslog” patterns_dir => ["/opt/logstash/patterns"] pattern => [ "%{SYSLOGLINE}" ] } grep { type => “syslog” drop => false match => [ "@message", "([fF]ailed|[fF]ailure).*password|authentication.*failure|incorrect.password” ] add_tag => [ "auth_failure" ] } grep { type => “syslog” drop . . . → Read More: logstash filters for ssh attempts

logstash ec2 instanceid

How to get Logstash to read your ec2 instance id logstash.sh !/bin/bash EC2_INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id) export EC2_INSTANCE_ID conf=/opt/logstash/simple.conf lsjar=/opt/logstash/logstash.jar myjava=$(which java) if [ -z $myjava ]; then echo “java is required; please install openjdk or jre” exit 1 fi # spawn logstash $myjava -jar $lsjar agent -f $conf config file /opt/logstash/simple.conf input { exec { . . . → Read More: logstash ec2 instanceid